Chapter 08: Identity and Access Management Flashcards

1
Q

Name of an authentication framework that is commonly used for wireless networks.

A

EAP (Extensible Authentication Protocol)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

______ is an authentication protocol designed to provide more security than protocols like PAP.

A

CHAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Name microsoft’s version of CHAP.

A

MS-CHAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

_______ is a password-centric authentication protocol that was commonly used with the Point-to-Point protocol to authenticate users.

A

Password Authentication Protocol (PAP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

RADIUS servers often rely upon backend directory using ________ or _______ as a source of identity information.

A

LDAP or Active Directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Name the four pieces of equipment in an authentication architecture with EAP, RADIUS, and LDAP.

A

Supplicant -> Authenticator -> Authentication Server -> Directory Services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Under an authentication architecture with EAP, RADIUS, and LDAP, what protocol goes from Supplicant to Authenticator?

A

EAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Under an authentication architecture with EAP, RADIUS, and LDAP, what protocol goes from Authenticator to Authentication Server?

A

RADIUS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

AAA

A

Authentication, Authorization, and Accounting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which authentication extension is cisco designed?
a. Kerberos
b. RADIUS
c. TACACS+
d. LEAP

A

c. TACACS+

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which protocol is designed to operate on untrusted networks and uses authentication to shield its authentication traffic?

A

Kerberos

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

in kerberos, the client’s first request for a _______.

A

Ticket-Granting Ticket (TGT)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

______ is an xml based open standard for exchanging authentication and authorization information. It is often used between identity providers and service providers for web-based applications.

A

SAML (Security Assertion Markup Language)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

_____ is an open standard for decentralized authentication. Its identity providers can be leveraged for third-party sites using established identities.

A

OpenID.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

“Log in with Google” functionality is an example of _________.

A

OpenID

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

________ is an open standard for authorization used by many websites. It provides a method for users to determine what information to provide to third-party apps without sharing credentials.

A

OAuth

17
Q

An example of Google Drive plug-ins requesting access to your files or folders is an example of _______.

A

OAuth

18
Q

________ systems allow user to log in with a single identity and then use multiple systems or services without reauthenticating.

A

SSO

19
Q

Which two protocols are SSO typically implemented in Windows Domains.

A

LDAP and Kerberos

20
Q

Identity information is handled by an ______. They manage the life cycle of digital identities from creation through maintenance to eventual retirement of the identity in the systems and services it supports.

A

Identity Provider (IdP)

21
Q

In __________ deployments, the identity providers are paired with relying parties, which trust the identity provider to handle authentication and then rely on that authentication to grant access to services.

A

federated identity deployments

22
Q

Who is the principal under a federated environment?

A

The user

23
Q

_____ - who provide identity and authentication services via an attestation process in which the IdP validates that the user is who they claim to be.

A

Identity Providers (IdPs)

24
Q

_______ - who provide services to users whose identities have been attested to by an identity provider.

A

SPs