AuthPoint Identity Security Essentials Flashcards
MFA requires any combination of these three things.
Something you know | Password
Something you have | Phone
Something you are | Fingerprint
AuthPoint is WatchGuard’s MFA service. It includes what 2 products?
AuthPoint MFA
AuthPoint Total Identity Security
For AuthPoint, there are two authentication device routes you can have. What are they?
Mobile App
Hardware Token
What is a token?
What is it used for?
Something, such as a digital signature or fingerprint, that identifies a user and associates the user with a device.
They require activation.
Used in addition to, or in place of, a password when a user logs in to a protected resource.
Benefits of Authentication.
Gives admins a way to identify the users that access resources.
To authenticate, you must provide something that proves your identity.
What is Authorization? Give AuthPoint specifics.
It is how admins define which users are allowed access to a resource.
Groups and authentication policies control authentication.
What are the three MFA methods?
Describe them.
Push Notification: When a user logs in, AuthPoint sends a push notification to the user’s mobile device. The user approves the push notification to authenticate, or denies it to prevent an unauthorized access attempt.
QR Code: When a user logs in, a QR code appears. The AuthPoint app uses the phone camera to scan the QR code and displays a verification code, which the user must type to authenticate. AuthPoint uses secure QR codes that only the AuthPoint mobile app can decrypt.
One-Time Password (OTP): When a user logs in, the user must provide a unique, temporary password generated by the AuthPoint app to authenticate.
What is the AuthPoint Management UI?
What does it manage? 10 sections on the main screen.
Where is Dark Web Monitoring configured?
It’s the management platform for AuthPoint in WatchGuard Cloud.
It’s where you set up and manage:
policies
resources
groups
objects
users
external identities
gateway
hardware tokens
user inheritance
corporate applications
It also provides reports and audit logs for monitoring authentication activity and issue troubleshooting.
It’s managed under Administration in WatchGuard Cloud.
Within the context of AuthPoint:
What are Resources?
What are Authentication policies?
What are External Identities?
Resources are the applications that you define for use with AuthPoint.
Authentication Policies specify which resources AuthPoint users can authenticate to, and which authentication methods they can use.
External Identities connect to user databases to get user account information and validate passwords.
What can the AuthPoint Mobile App do?
View and manage tokens, approve Push Notifications, get OTPs, scan QR codes, and view and manage saved credentials (password manager).
You can protect tokens behind PIN or Biometric ID.
What can the AuthPoint Browser Extension do?
Password management.
Can save and manage credentials in a personal password vault.
What is the AuthPoint Gateway application?
Where can you download/install it from?
It’s a lightweight software application that you install on your network so that AuthPoint can securely communicate with your RADIUS clients and LDAP databases.
The Gateway operates as a RADIUS server for RADIUS authentication, and is also used to import LDAP users and validate their passwords.
Downloads page in AuthPoint Management UI.
What is the Logon App?
What is it used for?
Requirements?
Used to require authentication when users log on to a computer or server.
Includes protection for RDP and RD Gateway (remote access).
For Windows and Mac.
Download application to computer and configure AuthPoint Resource.
Define ADFS.
What can you use the AuthPoint Agent for ADFS for?
What 3 parts make the Agent?
Microsoft Active Directory Federation Services is a Windows Server component that provides users with authenticated access to applications.
You can add MFA to ADFS for added security.
Installed agent, Gateway, configured Resource.
Define RD Web.
What does the AuthPoint Agent for RD Web do?
What 2 parts make the Agent?
Microsoft Remote Desktop Web Access is a web page that shows a list of applications published from a server. From the webpage, authenticated users can launch each application.
Provides MFA to RD Web Access.
Installed Agent, configured Resource.
What Resource types are supported? What are they?
There are 8.
IdP Portal: A portal page that shows users the SAML resources available to them.
Logon App: Used to configure and define authentication policies for the Logon App.
RD Web: Used to add MFA to RD Web.
Firebox: Enable AuthPoint as an authentication server on a locally managed Firebox connected to WatchGuard Cloud.
RADIUS Client: An application or service that uses RADIUS authentication.
SAML: An application or service that uses SAML authentication.
ADFS: Used to add MFA to ADFS authentication.
RESTful API Client: Used to configure and define authentication policies for a RESTful API client.
What are the 10 AuthPoint settings tiles?
Give a brief description of uses.
AuthPoint Policies: Configure authentication policies to specify which resources AuthPoint users can authenticate to and which authentication methods they can use.
Resources: Configure the applications and services that your users connect to.
Groups: Configure user groups.
Policy Objects: Configure the policy objects to define specific scenarios that authentication policies apply to.
Users: Manage AuthPoint users and tokens. Add users directly in AuthPoint or import from an external LDAP server.
External Identities: Configure the information required for AuthPoint to connect to AD or LDAP databases to get user account info and validate passwords.
Gateway: Configure settings for the AuthPoint Gateway, which allows AuthPoint to communicate with RADIUS clients, the ADFS agent, and AD or LDAP databases.
Tokens: Import and associate hardware tokens.
User Inheritance: Send and manage user inheritance requests. Service Providers can request that managed accounts inherit an AuthPoint user from the Service Provider account.
Corporate Credentials: Configure Corporate Credentials to share a direct link to a specific website with specific user groups.
In what order does WatchGuard recommend you configure the settings tiles in the AuthPoint management UI?
From top to bottom.
In WatchGuard Cloud you can monitor AuthPoint.
Where can you find this?
What can you monitor?
There are 6 sections.
Monitor > AuthPoint.
User Activity: Bar graph showing how many times each active user has authenticated, and the last time an inactive user logged in. Also shows how and when users were blocked.
Authentication: Bar graph showing successful and failed authentication attempts for each user. For each attempt, a list shows the authentication date, the token used, authentication method, and the resource authenticated to.
Resource Activity: Bar graph showing successful and failed authentication attempts for each Resource. For each attempt, a list shows which user authenticated, the authentication date, the token used, and the authentication method.
Denied Push Notifications: Bar graph showing how many push notifications have been denied by users.
Activation Activity: List of user tokens that have not been activated.
Sync Activity: Information about the synchronization of your LDAP database, if you added an external identity.
Where can you find additional information about AuthPoint Events useful for troubleshooting?
Administration > Audit logs and notifications.
Custom Branding, you can customise these items for AuthPoint:
Logos and images in…
The reply-to email address for…
The logo and thumbnail on…
The logo, thumbnail, and background image for…
emails sent by AuthPoint.
emails sent by AuthPoint.
the Set Password and Token Activation web pages.
the IdP Portal.
This is regarding AuthPoint’s SSO feature.
When a user authenticates, the web browser creates a session and remembers the user. While the session is active, what 3 resources don’t need to authenticate again?
What’s the exception?
SAML resources
RD Web resources
IdP Portal
The resource requires a more secure authentication method than the initial authentication provided.
With regard to SSO and requiring extra authentication.
Order the following from least secure to most:
OTP
Password
Push Notification
QR Code
Password
OTP
QR Code
Push Notification
[AuthPoint considers QR and Push equally secure]
AuthPoint supports 2 types of tokens, what are they?
How many can a user have?
Software Tokens
20
Hardware Tokens
Any number
Where do you migrate tokens from?
AuthPoint Mobile App
Does the AuthPoint Mobile App support third party tokens?
Yes
I have multiple mobile devices, can I use the same software token across all of them?
No, each device needs its own unique token.
What are the two ways to activate a token?
Click the link in the token activation email.
Navigate to the IdP Portal and click the Activate Token link.