AuthPoint Identity Security Essentials Flashcards

1
Q

MFA requires any combination of these three things.

A

Something you know | Password
Something you have | Phone
Something you are | Fingerprint

2
Q

AuthPoint is WatchGuard’s MFA service. Which two products does it include?

A

AuthPoint MFA
AuthPoint Total Identity Security

3
Q

For AuthPoint, there are two authentication device routes you can have. What are they?

A

Mobile App
Hardware Token

4
Q

What is a token?
What is it used for?

A

Something, such as a digital signature or fingerprint, that identifies a user and associates the user with a device.
They require activation.

Used in addition to, or in place of, a password when a user logs in to a protected resource.

5
Q

What are the benefits of authentication?

A

Gives admins a way to identify the users that access resources.

To authenticate, you must provide something that proves your identity.

6
Q

What is Authorization? Give AuthPoint specifics.

A

It is how admins define which users are allowed access to a resource.
In AuthPoint, groups and authentication policies control authorization.

7
Q

What are the three MFA methods?
Describe them.

A

Push Notification: When a user logs in, AuthPoint sends a push notification to the user’s mobile device. The
user approves the push notification to authenticate, or denies it to prevent an unauthorized access attempt.

QR Code: When a user logs in, a QR code appears. The AuthPoint app uses the phone camera to scan the
QR code and displays a verification code, which the user must type to authenticate. AuthPoint uses secure
QR codes that only the AuthPoint mobile app can decrypt.

One-Time Password (OTP): When a user logs in, the user must provide a unique, temporary password
generated by the AuthPoint app to authenticate.

8
Q

What is the AuthPoint Management UI?
What does it manage? 10 sections on the main screen.
Where is Dark Web Monitoring configured?

A

It’s the management platform for AuthPoint in WatchGuard Cloud.
It’s where you set up and manage:

policies
resources
groups
objects
users
external identities
gateway
hardware tokens
user inheritance
corporate applications

It also provides reports and audit logs for monitoring authentication activity and troubleshooting issues.

Dark Web Monitoring is configured under Administration in WatchGuard Cloud.

9
Q

Within the context of AuthPoint:
What are Resources?
What are Authentication policies?
What are External Identities?

A

Resources are the applications that you define for use with AuthPoint.

Authentication Policies specify which resources AuthPoint users can authenticate to, and which authentication methods they can use.

External Identities connect to user databases (AD or LDAP) to get user account information and validate passwords.

10
Q

What can the AuthPoint Mobile App do?

A

View and manage tokens, approve Push Notifications, get OTPs, scan QR codes, and view and manage saved credentials (password manager).

You can protect tokens behind PIN or Biometric ID.

11
Q

What can the AuthPoint Browser Extension do?

A

Password management.
Can save and manage credentials in a personal password vault.

12
Q

What is the AuthPoint Gateway application?
Where can you download/install it from?

A

It’s a lightweight software application that you install on your network so that AuthPoint can securely communicate with your RADIUS clients and LDAP databases.
The Gateway operates as a RADIUS server for RADIUS authentication, and is also used to import LDAP users and validate their passwords.

Downloads page in AuthPoint Management UI.

13
Q

What is the Logon App?
What is it used for?
Requirements?

A

Used to require authentication when users log on to a computer or server.
Includes protection for RDP and RD Gateway (remote access).
Available for Windows and macOS.
Requirements: download and install the application on the computer, and configure a Logon App Resource in AuthPoint.

14
Q

Define ADFS.
What can you use the AuthPoint Agent for ADFS for?
What 3 parts make the Agent?

A

Microsoft Active Directory Federation Services is a Windows Server component that provides users with authenticated access to applications.

You can add MFA to ADFS for added security.

Installed agent, Gateway, configured Resource.

15
Q

Define RD Web.
What does the AuthPoint Agent for RD Web do?
What 2 parts make the Agent?

A

Microsoft Remote Desktop Web Access is a web page that shows a list of applications published from a server. From the webpage, authenticated users can launch each application.

Provides MFA to RD Web Access.

Installed Agent, configured Resource.

16
Q

What Resource types are supported? What are they?
There are 8.

A

IdP Portal: A portal page that shows users the SAML resources available to them.
Logon App: Used to configure and define authentication policies for the Logon App.
RD Web: Used to add MFA to RD Web.
Firebox: Enables AuthPoint as an authentication server on a locally managed Firebox connected to WatchGuard Cloud.
RADIUS Client: An application or service that uses RADIUS authentication.
SAML: An application or service that uses SAML authentication.
ADFS: Used to add MFA to ADFS authentication.
RESTful API Client: Used to configure and define authentication policies for a RESTful API client.

17
Q

What are the 10 AuthPoint settings tiles?
Give a brief description of uses.

A

AuthPoint Policies: Configure authentication policies to specify which resources AuthPoint users can authenticate to and which authentication methods they can use.

Resources: Configure the applications and services that your users connect to.

Groups: Configure user groups.

Policy Objects: Configure the policy objects that define the specific scenarios authentication policies apply to.

Users: Manage AuthPoint users and tokens. Add users directly in AuthPoint or import them from an external LDAP server.

External Identities: Configure the information AuthPoint needs to connect to AD or LDAP databases to get user account information and validate passwords.

Gateway: Configure settings for the AuthPoint Gateway, which allows AuthPoint to communicate with RADIUS clients, the ADFS agent, and AD or LDAP databases.

Tokens: Import and associate hardware tokens.

User Inheritance: Send and manage user inheritance requests. Service Providers can request that managed accounts inherit an AuthPoint user from the Service Provider account.

Corporate Credentials: Configure Corporate Credentials to share a direct link to a specific website with specific user groups.

18
Q

In what order does WatchGuard recommend you configure the settings tiles in the AuthPoint Management UI?

A

From top to bottom.

19
Q

In WatchGuard cloud you can monitor AuthPoint.
Where can you find this?
What can you monitor?
There are 6 sections.

A

Monitor > AuthPoint.

User Activity: Bar graph showing how many times each active user has authenticated, and the last time an inactive user logged in. Also shows how and when users were blocked.

Authentication: Bar graph showing successful and failed authentication attempts for each user. For each attempt, a list shows the authentication date, the token used, the authentication method, and the resource authenticated to.

Resource Activity: Bar graph showing successful and failed authentication attempts for each Resource. For each attempt, a list shows which user authenticated, the authentication date, the token used, and the authentication method.

Denied Push Notifications: Bar graph showing how many push notifications have been denied by users.

Activation Activity: List of user tokens that have not been activated.

Sync Activity: Information about the synchronization of your LDAP database, if you added an external identity.

20
Q

Where can you find additional information about AuthPoint Events useful for troubleshooting?

A

Administration > Audit logs and notifications.

21
Q

Custom Branding, you can customise these items for AuthPoint:
Logos and images in…
The reply-to email address for…
The logo and thumbnail on…
The logo, thumbnail, and background image for…

A

emails sent by AuthPoint.
emails sent by AuthPoint.
the Set Password and Token Activation web pages.
the IdP Portal.

22
Q

This is regarding AuthPoint’s SSO feature.
When a user authenticates, the web browser creates a session and remembers the user. While the session is active, for which three resource types does the user not need to authenticate again?
What is the exception?

A

SAML resources
RD Web resources
IdP Portal

The resource requires a more secure authentication method than the initial authentication provided.

23
Q

Regarding SSO and requiring additional authentication:
Order the following from least secure to most secure.
OTP
Password
Push Notification
QR Code

A

Password
OTP
QR Code
Push Notification
[AuthPoint considers QR and Push equally secure]

24
Q

AuthPoint supports 2 types of tokens, what are they?
How many can a user have?

A

Software Tokens: up to 20 per user.

Hardware Tokens: any number.

25
Q

Where do you migrate tokens from?

A

AuthPoint Mobile App

26
Q

Does the AuthPoint Mobile App support third party tokens?

A

yes

27
Q

I have multiple mobile devices, can I use the same software token across all of them?

A

No. Each device needs its own token.

28
Q

What are the two ways to activate a token?

A

Click the link in the token activation email.
Navigate to the IdP Portal and click the Activate Token link.

29
Q

How does a user authenticate to a RADIUS resource with OTP?

A

Type the password and the OTP together in the password field: password+OTP.

30
Q

What is the process if a user forgets or misplaces their token?

A
1. A user forgets or misplaces the mobile device they use for authentication and contacts their AuthPoint administrator.
2. The user gives the administrator the Activation Code value shown in the Forgot Token window.
3. The administrator gives the user a Period value and a Verification Code.
4. The user types their password and validates the Period and Verification Code. Once validated, the user can log in with their password.

31
Q

What are the third-party hardware token requirements?
There are 3

A

Response Format: 6-digit, numerical, time-based OTP with a 30 or 60 second interval.

Algorithm: OATH time-based OTP (RFC 6238).

Seed Delivery: OATH PSKC file (RFC 6030).

32
Q

What two things need to be uploaded to AuthPoint in order to import third-party hardware tokens?

A

Seed File: A Portable Symmetric Key Container (PSKC) file that imports the token/device information. Accepted formats: XML, PSKC, TXT, VIP.

Key: Used to decrypt the Seed File. Can be a manually entered string or a file. Accepted file formats: TXT, BIN.
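
Cards 29, 31 and 32 describe the token format AuthPoint imports and the password+OTP string a RADIUS user types. The following is an added worked example, not WatchGuard code. It parses a constructed PSKC seed file laid out per RFC 6030 (the secret is the RFC 6238 test key "12345678901234567890", so the codes can be checked against the RFC's own vectors), enforces the three import requirements from card 31, computes RFC 6238 TOTP codes, and splits a password+OTP string the way a RADIUS-side verifier would. Only unencrypted PlainValue secrets are handled; the encrypted seed file plus decryption key that AuthPoint also accepts is not implemented here. The token serial, manufacturer and the password "hunter2" are invented for the example.

```python
# Added example (not WatchGuard's code). Constructed PSKC seed file for one
# TOTP hardware token, modelled on RFC 6030; the secret is the RFC 6238 test
# key "12345678901234567890" so the codes below can be checked against the RFC.
import base64
import hashlib
import hmac
import struct
import time
import xml.etree.ElementTree as ET

PSKC_NS = "urn:ietf:params:xml:ns:keyprov:pskc"

PSKC_XML = f"""<KeyContainer Version="1.0" xmlns="{PSKC_NS}">
  <KeyPackage>
    <DeviceInfo>
      <Manufacturer>Example Tokens Inc.</Manufacturer>
      <SerialNo>EX-0000001</SerialNo>
    </DeviceInfo>
    <Key Id="EX-0000001" Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:totp">
      <AlgorithmParameters>
        <ResponseFormat Length="6" Encoding="DECIMAL"/>
      </AlgorithmParameters>
      <Data>
        <Secret><PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=</PlainValue></Secret>
        <TimeInterval><PlainValue>30</PlainValue></TimeInterval>
      </Data>
    </Key>
  </KeyPackage>
</KeyContainer>
"""


def parse_pskc(xml_text):
    """Return one dict per token (serial, secret, digits, step) and reject
    anything outside the import requirements: OATH TOTP, 6 decimal digits,
    30 or 60 second interval. Only unencrypted PlainValue secrets are handled."""
    ns = {"p": PSKC_NS}
    tokens = []
    for pkg in ET.fromstring(xml_text).findall("p:KeyPackage", ns):
        key = pkg.find("p:Key", ns)
        if not key.get("Algorithm", "").endswith(":totp"):
            raise ValueError("only OATH TOTP (RFC 6238) tokens are supported")
        fmt = key.find("p:AlgorithmParameters/p:ResponseFormat", ns)
        if fmt.get("Length") != "6" or fmt.get("Encoding") != "DECIMAL":
            raise ValueError("response must be a 6-digit decimal OTP")
        step = int(key.find("p:Data/p:TimeInterval/p:PlainValue", ns).text)
        if step not in (30, 60):
            raise ValueError("time step must be 30 or 60 seconds")
        secret = base64.b64decode(key.find("p:Data/p:Secret/p:PlainValue", ns).text)
        tokens.append({"serial": pkg.find("p:DeviceInfo/p:SerialNo", ns).text,
                       "secret": secret, "digits": 6, "step": step})
    return tokens


def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(token, unix_time):
    """RFC 6238: HOTP with counter = floor(unix_time / step)."""
    return hotp(token["secret"], int(unix_time) // token["step"], token["digits"])


def verify_otp(token, candidate, unix_time, skew_steps=1):
    """Accept the code for the current step or its +-skew_steps neighbours,
    which tolerates clock drift on a hardware token that has no network time."""
    if len(candidate) != token["digits"] or not (candidate.isascii() and candidate.isdigit()):
        return False
    base = int(unix_time) // token["step"]
    return any(hmac.compare_digest(hotp(token["secret"], c, token["digits"]).encode(), candidate.encode())
               for c in range(base - skew_steps, base + skew_steps + 1))


def verify_radius_password_otp(entered, stored_password, token, unix_time=None):
    """RADIUS OTP flow from the cards: the user types password+OTP in one field.
    Split off the trailing digits and check both parts. The plaintext stored
    password is a simplification; a real server compares against a hash."""
    if unix_time is None:
        unix_time = time.time()
    digits = token["digits"]
    if len(entered) <= digits:
        return False
    password, otp = entered[:-digits], entered[-digits:]
    password_ok = hmac.compare_digest(password.encode(), stored_password.encode())
    otp_ok = verify_otp(token, otp, unix_time)   # always evaluated, so timing is uniform
    return password_ok and otp_ok
```

At Unix time 59 with a 30-second step the counter is 1, so the token shows 287082 (the RFC 6238 eight-digit vector 94287082 truncated to six digits) and `verify_radius_password_otp("hunter2287082", "hunter2", token, 59)` returns True. The previous step's code 755224 is also accepted because of the one-step drift window, which is the trade-off a verifier makes for hardware tokens that cannot resync their clock.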

33
Q

When you make a local AuthPoint user, two emails are sent to the user.
What are they?

A

Email to set their AuthPoint Password.
Email to activate their AuthPoint Token.

34
Q

In regards to LDAP or AD external identities…
What are Queries?

A

They specify which users to sync to AuthPoint. Queries request account information from the external database.
Queries also need an AuthPoint Group to sync the accounts to.

35
Q

When an external user authenticates, how is the password validated?

A

AuthPoint sends entered password to external server for validation.

36
Q

LDAP, AD and Azure AD.
Which needs an AuthPoint Gateway?

A

LDAP and AD need an AuthPoint Gateway; Azure AD does not.

37
Q

There are two types of LDAP queries, what are they?

A

Group Sync: Select the LDAP groups you want to sync. AuthPoint creates the query.

Advanced Query: Create your own LDAP query.

38
Q

What 3 properties does an external user need to be synced to AuthPoint?

A

Username
First name
Email address

39
Q

On the user page, what do the coloured dots in the user status mean?
Green
Yellow
Red

A

Activated (green): The user can authenticate with any active tokens.

Quarantined (yellow): The LDAP user cannot authenticate because the LDAP user was moved or deleted, the external identity was deleted, or other domain information was changed.
Cannot access their Password Vault.

Blocked (red): Cannot authenticate to any resource or the Password Vault. Can still use third-party tokens.

40
Q

Token status colours under users:
Grey
Green
Red

A

Pending: Token not activated.
Activated: Activated and can be used.
Blocked: Cannot use to authenticate.

41
Q

What must a user have to access their Password Vault?

A

Active Token

42
Q

There are two ways to block authentication.
What are they, and when is each used?

A

Block a User: Useful if an employee leaves or their user account is compromised.

Block a Token: A user loses their phone or Hardware Token.

43
Q

When you configure an authentication policy, you specify 5 things.
What are they?

A

Whether the policy allows or denies authentications.
Which authentication methods are required.
Which resources the policy applies to.
Which user groups the policy applies to.
Which policy objects apply to the authentications.

44
Q

Authentication Policies
RADIUS Resources have an authentication exception.
What is it?
How does it change if RADIUS client resources use MS-CHAPv2?

A

If you enable both Push and OTP, only Push is used.
QR code cannot be used with RADIUS resources.

With MS-CHAPv2, only Push authentication is supported.

45
Q

How are Authentication Policy conflicts handled?

A

Highest priority Policy takes precedence.

46
Q

There are 5 conditions that can go into a policy to determine what method of Authentication can be used.
What are they?

A

The resource the user authenticates to.
The AuthPoint groups the user is a member of.
The user’s IP address.
The time of the authentication.
The location of the user.

47
Q

You can configure 4 types of policy object.
Name them.

A

Network Locations.
Time Schedules.
Geofences.
Geokinesis.
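
Cards 43 to 47 describe the policy model: five settings per policy, conflicts resolved by priority, and policy objects that narrow the scenarios a policy applies to. As an added example (not AuthPoint’s own code), here is a small evaluator for that model. Network Locations and Time Schedules are modelled; geofences and geokinesis are not. That lower priority numbers rank higher and that an authentication matched by no policy is denied are assumptions made for the example, as are all policy, group, resource and network names.

```python
# Added example (not AuthPoint's code): a toy evaluator for the policy model
# on the cards above. Each Policy carries the five settings from card 43; the
# policy objects are Network Locations and Time Schedules (geofences and
# geokinesis are not modelled). "Highest priority wins" follows card 45; that
# lower numbers mean higher priority and that no matching policy means deny
# are assumptions made for this example, as are all names and addresses.
from dataclasses import dataclass, field
from datetime import datetime
import ipaddress


@dataclass
class NetworkLocation:
    """Policy object: matches when the client IP is inside one of the ranges."""
    name: str
    cidrs: list

    def matches(self, ctx):
        ip = ipaddress.ip_address(ctx["ip"])
        return any(ip in ipaddress.ip_network(c) for c in self.cidrs)


@dataclass
class TimeSchedule:
    """Policy object: matches on the listed weekdays (0 = Monday) between the hours."""
    name: str
    weekdays: set
    start_hour: int
    end_hour: int

    def matches(self, ctx):
        t = ctx["time"]
        return t.weekday() in self.weekdays and self.start_hour <= t.hour < self.end_hour


@dataclass
class Policy:
    name: str
    priority: int            # lower number = higher priority (assumption)
    allow: bool              # allow or deny authentications
    methods: set             # methods permitted when allowed, e.g. {"push", "otp"}
    resources: set           # resource names the policy applies to
    groups: set              # AuthPoint group names the policy applies to
    objects: list = field(default_factory=list)   # policy objects; all must match

    def applies(self, ctx):
        return (ctx["resource"] in self.resources
                and bool(self.groups & ctx["groups"])
                and all(o.matches(ctx) for o in self.objects))


# Constructed sample configuration.
OFFICE = NetworkLocation("office", ["10.0.0.0/8", "192.168.10.0/24"])
BUSINESS_HOURS = TimeSchedule("business-hours", {0, 1, 2, 3, 4}, 8, 18)

POLICIES = [
    # Staff on the office network may use password only; this outranks the
    # general MFA policy below even though both match an office login.
    Policy("office-password-only", 1, True, {"password"}, {"VPN", "IdP Portal"}, {"staff"}, [OFFICE]),
    Policy("remote-mfa", 2, True, {"push", "otp"}, {"VPN", "IdP Portal"}, {"staff"}),
    Policy("contractors-business-hours", 3, True, {"push"}, {"VPN"}, {"contractors"}, [BUSINESS_HOURS]),
    Policy("contractors-deny", 4, False, set(), {"VPN"}, {"contractors"}),
]


def evaluate(policies, ctx):
    """The highest-priority matching policy decides. Returns (policy name,
    allowed, methods); (None, False, set()) when no policy matches."""
    for p in sorted(policies, key=lambda p: p.priority):
        if p.applies(ctx):
            return p.name, p.allow, set(p.methods) if p.allow else set()
    return None, False, set()


def decide(resource, groups, ip, when_iso, policies=POLICIES):
    """Build the authentication context from plain values and evaluate it."""
    ctx = {"resource": resource, "groups": set(groups), "ip": ip,
           "time": datetime.fromisoformat(when_iso)}
    return evaluate(policies, ctx)
```

Two things the cards state show up directly: a staff login from 10.1.2.3 matches both staff policies, and the higher-priority office policy wins, so password-only is accepted there; the same user from 203.0.113.9 falls through to the MFA policy. A contractor outside the schedule reaches the explicit deny, and a group or resource no policy names gets no policy at all, which the example treats as a deny.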

48
Q

What makes Geokinesis different from the other 3 policy object types?

A

They apply after authentication is complete.

49
Q

What two types of authentication cannot be used with Network Location policy objects?

A

RADIUS and basic (ECP) authentication.

50
Q

For Remote Desktop Protocol (RDP) connections, how does AuthPoint determine whether the authentication comes from a network location?

A

Uses the IP address connected to port 3389 or 443.

51
Q

Requirements to use geofencing with ADFS.

A

You must use the custom WatchGuard ADFS theme or another custom ADFS theme.

52
Q

Requirements to use geofencing and geokinesis with RD Web.

A

You must edit the webscripts-domain.js file on your RD Web Access server and configure the client to save the user location as a cookie on the RDWeb server.

53
Q

Two resources don’t support geofencing or geokinesis.
What are they?

A

AuthPoint agent for macOS
RADIUS

54
Q

Which 4 resources use browser-based location data?

A

IdP Portal
SAML
RD Web
ADFS

55
Q

What authentication types only support IP address location data?
3 of them

A

RDP connections
Firebox resources
Windows virtual machines

56
Q

If an AuthPoint user account is…
blocked
deleted
…can they access their password vault?

A

No
No

57
Q

Other than accessing SAML sites and corporate credentials, what two things can the IdP Portal be used for?

A

Activate software tokens.
Activate the Forgot Token Feature.

58
Q

There are two parts to the Logon App, what are they?

A

The application you install on a computer or server (AuthPoint Agent).
The resource you configure in AuthPoint.

59
Q

There are 3 things you must do to set up the Logon App, what are they?

A

Configure a Logon App Resource in the AuthPoint Management UI.
Configure an authentication policy for the Logon App Resource.
Download the installer and configuration file for the Logon App; they must be in the same directory.

60
Q

Does the Logon App auto-update?

A

No

61
Q

What condition must be met before a user logs on to a computer through the Logon App for the first time?

A

Must have an internet connection

62
Q

Before you install an AuthPoint Gateway there are 3 things to make sure of.

A

The computer it will be installed on has internet access.

The computer can communicate with your RADIUS clients and AD or LDAP database.

You have the registration key for your Gateway, if setup fails you will need another key.

63
Q

The AuthPoint Gateway runs 4 services.
What are they?

A

The Gateway Service handles connections to your AuthPoint account in the cloud and sends configuration settings to the other three services.
The other three services handle RADIUS, ADFS, and LDAP communication on the local network.

64
Q

AuthPoint Gateway status:
Green
Grey
Red

A

Installed and can communicate with WatchGuard Cloud.

Gateway not installed

Not connected and cannot communicate with WG Cloud.

65
Q

To configure MFA for a RADIUS client, you must do these 5 things.

A

Configure or set up your RADIUS client.

Add a RADIUS Client Resource.

Download and install the AuthPoint Gateway.

Add the RADIUS Client Resource to the configuration for your Gateway.

Configure an authentication policy for the RADIUS Client Resource.

66
Q

RADIUS MS-CHAPv2 requires an additional server, what server?

A

NPS RADIUS Server.

67
Q

Is the IdP Portal required for SAML authentication?

A

No

68
Q

SAML
To configure MFA for a service provider, you must do these 4 things.

A

Create an AuthPoint SAML certificate.
Configure SAML authentication for your third-party service provider.
Add a SAML Resource in the AuthPoint Management UI.
Configure an authentication policy for the SAML Resource.

69
Q

What is AuthPoint Metadata used for?

A

Configure third party SAML Resources.

70
Q

When you add a SAML Resource in AuthPoint, you must configure these 3 settings.

A

Service Provider Entity ID and Assertion Consumer Service.
User ID.
AuthPoint Certificate.

71
Q

Where are AuthPoint Gateway logs stored?

A

C:\ProgramData\WatchGuard\AuthPoint\Logs