Ch2: Identity and Access Management Flashcards
Identification
User claims an identity using an identifier such as a username or email address
Authentication
User proves the claimed identity using an authentication mechanism such as a password, and the credentials are verified
Access control systems provide…
Authentication, authorization, and accounting (AAA)
Authorization
Granting access to resources based on permissions granted to the proven identity
Accounting methods…
Track user activity and record the activity in logs (logging) in order to enable creation of an audit trail
Complex vs. Strong passwords
Complex passwords use a mix of character types. Strong passwords use a mix of character types AND have a minimum length of 14
Before resetting passwords, it’s important to verify…
The user’s identity
Best way to manually reset passwords is to…
Create a temporary password that expires after first use
Group policy is implemented on…
A domain controller within a domain
Group policy is used by administrators to…
Create password policies, implement security settings, configure host-based firewalls, and more
GPO
Group Policy Object
Elements of password policies include
Password history, min password age, max password age, min password length, and password complexity
First factor of authentication
Something you know (like a password or PIN). The weakest factor.
Smart cards are used with WHAT factors of authentication?
Two-factor: something you know and something you have
Smart cards work by using…
embedded certificates used with digital signatures and encryption