Chapter 1 Flashcards
802.1x Authentication Parts
- Supplicant 2. Authenticator 3. Authentication Server
802.1x Supplicant
Client device attach to WAN/LAN
802.1x Authenticator
Network device that provides a data link between the client and the network and can allow or block network traffic between the two
802.1x Authentication Server
Typically a trusted server that can receive and respond to requests for network access, and can tell the authenticator if the connection is to be allowed, and various settings that should apply to that client’s connection or setting.
Vulnerability
Is a weakness in a device, system, application, or process that might allow an attack to take place. Vulnerabilities are internal factors that may be controlled by cybersecurity professionals.
Threat
In the world of cybersecurity is an outside force that may exploit a vulnerability.
Risk
Combination of a threat and a corresponding vulnerability. Both of these factors must be present before a situation poses a risk to the security of an organization.
Adversarial Threats
Are individuals, groups, and organizations that are attempting to deliberately undermine the security of an organization. Adversaries may include trusted insiders, competitors, suppliers, customers, business partners, or even nation-states.
Accidental Threats
occur when individuals doing their routine work Mistakenly perform an action that undermines security. For example, a system administrator might accidentally delete a critical disk volume, causing a loss of availability.
Structural Threats
Occur when equipment, software, or environmental controls fail due to the exhaustion of resources (such as running out of gas), exceeding their operational capability (such as operating in extreme heat), or simply failing due to age. Structural threats may come from IT components (such as storage, servers, and network devices), environmental controls (such as power and cooling infrastructure), and software (such as operating systems and applications).
Environmental Threats
Occur when natural or man-made disasters occur that are outside the control of the organization. These might include fires, flooding, severe storms, power failures, or widespread telecommunications disruptions.
Agent-Based vs Agentless
Agent-based solutions, such as 802.1x, require that the device requesting access to the network run special software designed to communicate with the NAC service. Agentless approaches to NAC conduct authentication in the web browser and do not require special software.
In-Band vs Out-of-Band
In-band (or inline) NAC solutions use dedicated appliances that sit in between devices and the resources that they wish to access. They deny or limit network access to devices that do not pass the NAC authentication process. The “captive portal” NAC solutions found in hotels that hijack all web requests until the guest enters a room number are examples of in-band NAC. Out-of-band NAC solutions, such as 802.1x, leverage the existing network infrastructure and have network devices communicate with authentication servers and then reconfigure the network to grant or deny network access, as needed.
Port 22
SSH
Port 23
Telnet