Chapter 3 Identity and Account management Flashcards

1
Q

What is identity management?

A

Identity management refers to the process of managing and controlling user identities, including authentication, authorization, and access to resources.

2
Q

What are the three components of authentication?

A

The three components are identification (claiming an identity, e.g. presenting a username), authentication (proving that claim, e.g. with a password, token, or biometric), and authorization (deciding what the proven identity may do). Strictly, only the middle step is "authentication"; the three together describe the access control process, and accounting (auditing) is usually listed as a fourth step.

3
Q

What is the purpose of authorization in identity management?

A

Authorization determines what actions or resources a user is allowed to access or perform after they have been authenticated.

4
Q

Define multifactor authentication.

A

Multifactor authentication is a security measure that requires users to present evidence from more than one category of factor, such as a password (something you know) plus a fingerprint (something you are), to gain access to a system or resource. Two pieces of evidence from the same category, such as a password and a PIN, do not count as multifactor.

5
Q

What are the three factors of multifactor authentication?

A

The three factors of multifactor authentication are something you know (e.g., password), something you have (e.g., smart card), and something you are (e.g., biometric traits).

6
Q

What is the purpose of salting in password storage?

A

Salting is the process of adding a unique random value (the salt, stored alongside the hash) to each password before hashing it. Two users with the same password then get different hashes, and an attacker cannot reuse precomputed tables such as rainbow tables: every hash has to be attacked separately.

7
Q

What is a rainbow table in the context of password cracking?

A

A rainbow table is a precomputed lookup structure for a specific unsalted hash function: it stores chains of hash and "reduction" steps so that a very large set of plaintext-to-hash mappings fits in manageable storage, trading disk space for cracking time. Given a captured hash, the attacker walks the chains to recover the original password without hashing every candidate again. Tables only work when the same input always produces the same hash, which is exactly what salting breaks.

8
Q

What is the difference between authentication and authorization?

A

Authentication is the process of verifying the identity of a user, while authorization is the process of granting or denying access rights and privileges to authenticated users.

9
Q

What is key stretching in password-based key derivation?

A

Key stretching is a technique used to increase the time and computational effort required to derive a cryptographic key (or a stored verifier) from a password, typically by running the hash function many thousands of times or by making it memory-hard. Algorithms such as PBKDF2, bcrypt, scrypt, and Argon2 do this deliberately, so that each guess in a brute-force or dictionary attack costs the attacker far more than a single fast hash.
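Cards 6, 7, and 9 describe salting, rainbow tables, and key stretching in prose. The following added example (written for this page, not taken from the original flashcard set) puts the three together: a lookup table built from a constructed list of common passwords cracks an unsalted SHA-256 hash instantly, while a salted PBKDF2-HMAC-SHA256 hash cannot be looked up at all and must be guessed one stretched hash at a time. The password list and the 600,000 default iteration count are assumptions; the latter follows the OWASP Password Storage guidance for PBKDF2-SHA256, and the lower counts used in testing are only for speed.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed password list standing in for the plaintexts behind a rainbow table.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "Summer2024!"]


def unsalted_sha256(password: str) -> str:
    """The weak scheme: one fast, unsalted hash. Equal passwords give equal hashes."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(candidates) -> dict:
    """Precompute hash -> plaintext once; it then works against every unsalted
    SHA-256 password hash ever captured, from any site."""
    return {unsalted_sha256(p): p for p in candidates}


def crack_with_table(table: dict, digest: str) -> Optional[str]:
    """Constant-time lookup: no hashing happens at crack time."""
    return table.get(digest)


def hash_password(password: str, iterations: int = 600_000,
                  salt: Optional[bytes] = None) -> str:
    """Salted and stretched: PBKDF2-HMAC-SHA256 with a random 16-byte salt.
    The salt and iteration count are stored with the hash so verification can
    reproduce the derivation; the default count is an assumed policy value."""
    if salt is None:
        salt = os.urandom(16)  # unique per password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derive with the stored salt and count, compare in constant time."""
    algo, iterations, salt_hex, dk_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


def table_is_useless_against(stored: str, table: dict) -> bool:
    """A precomputed table cannot be consulted for a salted hash: the stored
    digest is not the plain hash of any candidate, so the lookup always misses."""
    dk_hex = stored.split("$")[3]
    return crack_with_table(table, dk_hex) is None


def guess_cost(stored: str, candidates) -> int:
    """Work an attacker must do per salted hash: one full PBKDF2 run per
    candidate. Returns the number of stretched hashes computed before a match
    (or the size of the list if nothing matched)."""
    work = 0
    for candidate in candidates:
        work += 1
        if verify_password(candidate, stored):
            break
    return work
```

The stored string format (`algorithm$iterations$salt$hash`) is an assumed convention; storing the parameters next to the hash is what lets an operator raise the iteration count later and re-hash users as they log in.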

10
Q

What are attributes in multifactor authentication?

A

Attributes in multifactor authentication are additional characteristics used alongside the three factors to strengthen a verification decision: somewhere you are (location), something you exhibit (behavioral traits such as typing rhythm or speed), something you can do (a gesture or signature), and trust conferred by a third party, such as a certificate issued by a recognized certificate authority. On their own they are usually not strong enough to serve as a factor.

11
Q

What is the purpose of multifactor authentication?

A

Multifactor authentication enhances security by requiring users to provide multiple forms of identification or verification to access a system or resource.

12
Q

What are the three factors of multifactor authentication?

A

The three factors of multifactor authentication are something you know (e.g., password), something you have (e.g., mobile phone), and something you are (e.g., biometric trait).

13
Q

What is the difference between enabled and enforced in multifactor authentication?

A

In Microsoft's per-user multifactor authentication, Enabled means MFA has been turned on for the account but the user has not yet registered a verification method; they are prompted to register at their next sign-in. Enforced means registration is complete and the user must satisfy the second factor on every applicable sign-in. An account moves from Enabled to Enforced automatically once the user finishes registration.

14
Q

How can multifactor authentication be enabled for a Microsoft Azure user account?

A

In the Azure portal, go to Azure Active Directory (now Microsoft Entra ID) > Users, open Per-user MFA, select the user account, and click "Enable". Per-user MFA is the legacy approach; Microsoft recommends requiring MFA through Conditional Access policies (or security defaults on tenants without them), which apply to groups of users and conditions rather than one account at a time.

15
Q

What are some alternate methods of authentication in multifactor authentication?

A

Alternate methods include a push notification or code from the Microsoft Authenticator app, a verification code sent by SMS text message or a voice call, a hardware OTP token, or other factors such as a smart card or biometric authentication. SMS and voice are the weakest of these, since phone numbers can be ported or SIM-swapped, and phishing-resistant methods (FIDO2 security keys, certificate-based authentication) are the strongest.

16
Q

How does multifactor authentication enhance security in the sign-in process?

A

Multifactor authentication adds an additional layer of security by requiring users to provide an extra verification factor, such as a code from their mobile phone, along with their username and password.

17
Q

What is the purpose of accounting in identity management?

A

Accounting, also known as auditing, tracks and records the activities performed by authenticated users, providing an audit trail for security and compliance purposes.

18
Q

How does multifactor authentication contribute to identity management?

A

Multifactor authentication is a crucial aspect of identity management as it helps verify and protect user identities, control access to resources, and maintain a secure and auditable environment.

19
Q

What is the relationship between authentication and authorization?

A

Authentication is the process of verifying the identity of a user, device, or software component, while authorization determines the permissions and access rights that are granted to the authenticated entity.

20
Q

What are resources in the context of authorization?

A

Resources refer to the targets or entities that have permissions assigned to them. This can include files on a file server, rows in a database table, web applications, or specific parts of a web application.

21
Q

How does auditing relate to authorization?

A

Auditing is closely related to authorization as it involves tracking and recording the activities and access performed by authenticated users or entities. It provides accountability and helps in monitoring and reviewing resource usage.

22
Q

How can you assign permissions to a virtual machine in Microsoft Azure for accessing storage?

A

In the Azure portal, open the virtual machine, go to the Identity section, and turn on the system-assigned managed identity. Then open the storage account, go to Access Control (IAM), and add a role assignment to the virtual machine's managed identity. Choose the narrowest role that covers what the VM actually does: "Storage Account Contributor" is a management-plane role (it can change the account's configuration and read its keys) and is more than a workload that only reads or writes blobs needs; for data access, the data-plane roles "Storage Blob Data Reader" or "Storage Blob Data Contributor", scoped to the account or to a single container, are the least-privilege choice.

23
Q

What is a managed identity in the context of Azure virtual machines?

A

A managed identity is an identity in Microsoft Entra ID that Azure provisions and maintains for a specific resource, such as a virtual machine. The resource obtains access tokens for other Azure services from the platform (on a VM, through the instance metadata service endpoint) without any password, key, or certificate being stored on the VM or in its code, and the permissions it gets are whatever role assignments have been granted to that identity.

24
Q

What is the purpose of role assignments in Azure IAM?

A

Role assignments in Azure role-based access control (shown as Access Control (IAM) in the portal) grant permissions to a security principal: a user, group, service principal, or managed identity. A role is a collection of related permissions (the actions the role may perform), and a role assignment binds a role to a principal at a scope, which can be a management group, subscription, resource group, or single resource. The permissions apply to everything within that scope, so assigning at the narrowest scope that works keeps to least privilege.

25
Q

How does successful authentication relate to authorization in Microsoft Azure?

A

After successful authentication of a virtual machine in Azure, the authorization configuration determines the access permissions granted to that virtual machine. This allows the authenticated virtual machine to access the specified resources, such as a storage account, based on the assigned permissions.

26
Q

How does internal trust in Microsoft Azure contribute to the authentication and authorization process?

A

The trust is between the Azure resource and Microsoft Entra ID: the platform vouches for the virtual machine's managed identity and issues it an access token, so the VM never has to hold or present a stored secret. The target service (for example the storage account) validates that token and then applies the role assignments defined for the identity, so authentication and authorization are decoupled and both remain under central control.

27
Q

What is accounting in IT security?

A

Accounting in IT security refers to the process of tracking and recording activity to provide visibility and accountability.

28
Q

Why is it important to have separate user accounts for auditing purposes?

A

Separate user accounts are important for auditing because they allow every action to be attributed to one individual, which is what makes an audit trail credible (non-repudiation). Shared or generic accounts break this: the log shows that "admin" did something, but not who was at the keyboard.

29
Q

What can be tracked and monitored through auditing in a Windows environment?

A

Auditing in a Windows environment can track resource access, logon attempts, system changes, and user behavior.

30
Q

How can auditing logs help identify potential security threats?

A

Auditing logs help identify potential security threats when they are reviewed for patterns rather than single entries: repeated audit failures, bursts of failed logons (Windows event ID 4625) followed by a success (4624), logons at unusual times or from unexpected hosts, privilege changes, and access to sensitive resources. These patterns point to password guessing, compromised credentials, or misuse, and they also expose configuration weaknesses such as accounts that should no longer exist.
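Cards 29 and 30 describe what Windows auditing records and how the logs reveal threats. The following added example (written for this page, not part of the original flashcards) runs two detections over a constructed set of records modelled on the fields of Windows Security events 4625 (failed logon) and 4624 (successful logon): a threshold of failures from one source against one account inside a sliding window, and the more telling pattern of a burst of failures followed by a success. The line format, the sample entries, the hosts and account names, and the thresholds are all assumptions made up for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real log data) using the field names of
# Windows Security events 4625 and 4624. Status 0xC000006A is "wrong
# password"; 0xC0000064 is "user name does not exist".
SAMPLE_LOG = """\
2024-05-01T09:00:01Z EventID=4625 Account=svc_backup Source=10.0.0.45 LogonType=3 Status=0xC000006A
2024-05-01T09:00:03Z EventID=4625 Account=svc_backup Source=10.0.0.45 LogonType=3 Status=0xC000006A
2024-05-01T09:00:05Z EventID=4625 Account=svc_backup Source=10.0.0.45 LogonType=3 Status=0xC000006A
2024-05-01T09:00:07Z EventID=4625 Account=svc_backup Source=10.0.0.45 LogonType=3 Status=0xC000006A
2024-05-01T09:00:09Z EventID=4625 Account=svc_backup Source=10.0.0.45 LogonType=3 Status=0xC000006A
2024-05-01T09:00:12Z EventID=4624 Account=svc_backup Source=10.0.0.45 LogonType=3 Status=0x0
2024-05-01T09:15:00Z EventID=4625 Account=jsmith Source=10.0.0.12 LogonType=2 Status=0xC000006A
2024-05-01T09:15:40Z EventID=4624 Account=jsmith Source=10.0.0.12 LogonType=2 Status=0x0
2024-05-01T11:00:00Z EventID=4625 Account=nosuchuser Source=203.0.113.9 LogonType=3 Status=0xC0000064
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) EventID=(?P<event_id>\d+) Account=(?P<account>\S+) "
    r"Source=(?P<source>\S+) LogonType=(?P<logon_type>\d+) Status=(?P<status>\S+)$"
)


def parse_log(text: str) -> list:
    """Parse one record per line; malformed lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        rec = m.groupdict()
        rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
        rec["event_id"] = int(rec["event_id"])
        events.append(rec)
    return events


def detect_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """(source, account, count) for each pair with >= threshold failed logons
    inside a sliding time window. One alert per pair."""
    failures = defaultdict(list)
    for e in events:
        if e["event_id"] == 4625:
            failures[(e["source"], e["account"])].append(e["ts"])
    alerts = []
    for (source, account), times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                alerts.append((source, account, end - start + 1))
                break
    return alerts


def detect_failure_then_success(events, max_gap=timedelta(minutes=10), min_failures=3):
    """A successful logon shortly after a burst of failures from the same source
    against the same account: the signature of a guess that eventually worked,
    which a plain failure count never reports because the guessing stopped."""
    by_key = defaultdict(list)
    for e in events:
        by_key[(e["source"], e["account"])].append(e)
    hits = []
    for (source, account), evs in by_key.items():
        evs.sort(key=lambda e: e["ts"])
        recent_failures = []
        for e in evs:
            if e["event_id"] == 4625:
                recent_failures.append(e["ts"])
            elif e["event_id"] == 4624:
                recent_failures = [t for t in recent_failures if e["ts"] - t <= max_gap]
                if len(recent_failures) >= min_failures:
                    hits.append((source, account, e["ts"].isoformat()))
                recent_failures = []
    return hits
```

In the sample, the single mistyped password by `jsmith` stays below both thresholds, while the five rapid failures against `svc_backup` followed by a success trigger both detections; the second one is the alert worth paging on, because the attacker is now logged in.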

31
Q

What are some best practices for securing virtual machines in the cloud?

A

Best practices for securing virtual machines in the cloud include avoiding public IP addresses, using VPNs or jump boxes, monitoring auditing logs, following security guidelines, implementing strong authentication, and regularly updating security measures.

32
Q

How does auditing contribute to environment hardening?

A

Auditing contributes to environment hardening by identifying vulnerabilities, monitoring and detecting security incidents, and guiding the implementation of security measures to protect against potential threats.

33
Q

What are common authentication methods?

A

Common authentication methods include usernames and passwords, one-time passwords (OTP), PKI certificates, smart cards, public key authentication, and biometrics.

34
Q

Why is it important to use unique and complex passwords?

A

Using unique and complex passwords for different resources is important to prevent unauthorized access. If one password is compromised, it won’t affect all other accounts.

35
Q

How can password managers help with authentication?

A

Password managers securely store and manage complex passwords, eliminating the need to remember them. They provide convenience and enhance security by generating and storing unique passwords for each resource.

36
Q

What is a one-time password (OTP)?

A

A one-time password is a code that is valid for a single authentication and then discarded. It is generated either from a counter that both sides advance (HOTP) or from the current time step, usually 30 seconds (TOTP), using a secret shared between the user's token or app and the server. Because a captured code cannot be reused, it is commonly used as a second factor alongside a username and password.

37
Q

What is a smart card and how does it contribute to authentication?

A

A smart card is a credit card-sized card with an embedded tamper-resistant chip that holds a private key and its certificate. The card proves the holder's identity by signing a challenge with that key, which never leaves the chip, and is normally unlocked with a PIN, so it combines something you have with something you know. The same card can be used for logon to systems and for access to physical locations.

38
Q

What is public key authentication?

A

Public key authentication uses a key pair: the user keeps the private key, and the server or device stores the matching public key. At logon the server sends a challenge that the client signs with the private key, and the server verifies the signature with the public key, so no password or reusable secret crosses the network. It can replace the password entirely (as with SSH keys) or be combined with one, and its security depends on the private key being protected, for example with a passphrase or a hardware token.

39
Q

What is biometric authentication?

A

Biometric authentication uses unique physical or behavioral characteristics of an individual, such as fingerprints, retinal scans, facial recognition, voice recognition, vein analysis, or gait analysis, to verify identity.

40
Q

What are some considerations when using biometric authentication?

A

Biometric authentication efficacy is measured by the false acceptance rate (FAR, the share of impostors wrongly accepted), the false rejection rate (FRR, the share of legitimate users wrongly rejected), and the crossover error rate (CER, the point where the two are equal; lower is better). Tuning a system stricter lowers FAR but raises FRR, and since a biometric cannot be changed once compromised, the stored template needs the same protection as a credential.

41
Q

What are credential policies used for?

A

Credential policies define how credentials are issued, protected, rotated, and revoked for each kind of account: employees, contractors and other third parties, devices, and service accounts. They set requirements such as password complexity and length, MFA, account lockout, and expiry, and they typically impose stricter rules on privileged and service accounts, which are the accounts attackers most want.

42
Q

What is attribute-based access control (ABAC)?

A

Attribute-based access control is an access control scheme that uses the attributes of a user or device to determine their permissions. For example, access may be granted based on age, device type, or location.

43
Q

What is role-based access control (RBAC)?

A

Role-based access control is an access control scheme where permissions are assigned to roles, and users or devices are assigned to those roles. Users inherit the permissions associated with their assigned roles.

44
Q

What is rule-based access control (RBAC)?

A

Rule-based access control is an access control scheme in which predefined rules, such as conditional access policies, decide whether a request is allowed. Access is granted only if the conditions in the rules are met, for example that multifactor authentication was used, that the device is managed, or that the request comes from an approved location. It shares the abbreviation RBAC with role-based access control, so exam questions usually spell the term out.

45
Q

What is mandatory access control (MAC)?

A

Mandatory access control is an access control scheme that assigns labels to resources and uses policies to determine access based on security clearances. The operating system enforces access based on labels and clearances.

46
Q

What is discretionary access control (DAC)?

A

Discretionary access control is an access control scheme in which the owner of a resource sets its permissions at their own discretion, typically through an access control list, and may pass rights on to other users. It is the model of most file systems (NTFS permissions, Unix file modes), and its weakness is that the system cannot stop an owner from sharing sensitive data too widely, which is what mandatory access control addresses.
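Cards 42 through 46 define five access control schemes in a sentence or two each. The following added example (written for this page, not part of the original flashcards) makes each decision concrete with a few lines of policy code: role-based permissions, a rule layer that can only tighten them, an attribute predicate, mandatory labels enforced as Bell-LaPadula "no read up / no write down", and a discretionary ACL that only the owner may extend. The roles, users, departments, labels, and rules are constructed sample data.

```python
from typing import Dict, Set

# RBAC: permissions attach to roles; principals are assigned roles.
ROLE_PERMISSIONS: Dict[str, Set[str]] = {
    "reader": {"file:read"},
    "editor": {"file:read", "file:write"},
    "admin":  {"file:read", "file:write", "file:delete", "user:manage"},
}
USER_ROLES: Dict[str, Set[str]] = {"alice": {"editor"}, "bob": {"reader"}, "carol": {"admin"}}


def rbac_allows(user: str, permission: str) -> bool:
    return any(permission in ROLE_PERMISSIONS.get(role, set())
               for role in USER_ROLES.get(user, set()))


# Rule-based: conditions on the request context (the conditional-access style).
def rule_allows(ctx: dict) -> bool:
    action = ctx.get("action", "")
    if action == "user:manage" and not ctx.get("mfa", False):
        return False  # privileged action requires MFA
    if ctx.get("device") == "unmanaged" and action != "file:read":
        return False  # unmanaged devices are read-only
    return True


# ABAC: a predicate over subject, resource and environment attributes.
def abac_allows(subject: dict, resource: dict, env: dict) -> bool:
    same_dept = subject.get("department") == resource.get("owner_department")
    on_corp_net = env.get("network") == "corp"
    return same_dept and on_corp_net


# MAC: labels the system enforces regardless of what the owner wants.
LEVELS = {"public": 0, "confidential": 1, "secret": 2, "top_secret": 3}


def mac_can_read(clearance: str, label: str) -> bool:
    return LEVELS[clearance] >= LEVELS[label]   # no read up


def mac_can_write(clearance: str, label: str) -> bool:
    return LEVELS[clearance] <= LEVELS[label]   # no write down


# DAC: the owner hands out rights at their discretion.
class DacObject:
    def __init__(self, owner: str):
        self.owner = owner
        self.acl: Dict[str, Set[str]] = {owner: {"read", "write", "share"}}

    def grant(self, by: str, to: str, right: str) -> bool:
        if by != self.owner and "share" not in self.acl.get(by, set()):
            return False  # only the owner, or someone given 'share', may grant
        self.acl.setdefault(to, set()).add(right)
        return True

    def allows(self, user: str, right: str) -> bool:
        return right in self.acl.get(user, set())


def authorize(user: str, action: str, ctx: dict) -> bool:
    """RBAC says what the role may do; the rule layer can only restrict further."""
    return rbac_allows(user, action) and rule_allows({**ctx, "action": action})
```

Notice that `authorize` ANDs the role check with the rule check: conditional access is a way of saying "even an admin may not do this from here without MFA", never a way of granting a permission the role lacks.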

47
Q

What is physical access control?

A

Physical access control refers to controlling access to physical spaces, such as buildings, server rooms, and equipment racks. It involves measures like locks, access control systems, and security guards to protect physical resources.

48
Q

Why should password authentication protocol (PAP) be avoided?

A

Password Authentication Protocol (PAP) should be avoided because it sends credentials over the network in clear text, making it vulnerable to interception and unauthorized access.

49
Q

What is the purpose of Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)?

A

Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) is a network authentication protocol in which the server sends a challenge and the client answers with a value computed from the challenge and a hash of the password, so the password itself is never transmitted. MS-CHAPv1 is broken, and MS-CHAPv2 is also considered cryptographically weak (a captured exchange can be cracked with modest effort), so it should only be used inside an encrypted tunnel such as PEAP, and certificate-based methods such as EAP-TLS are preferred.

50
Q

What is the difference between NTLM and NTLMv2?

A

NTLMv2 is an updated version of NTLM (NT LAN Manager), the Microsoft challenge-response protocol used on workgroup computers and as a fallback in domains. The stored NT hash is unsalted MD4 in both versions; what NTLMv2 changes is the response, which is an HMAC-MD5 keyed by the NT hash over the server challenge plus a client challenge and timestamp. That makes captured NTLMv2 exchanges immune to precomputed tables and much harder to crack than NTLMv1 responses, though they can still be brute-forced offline if the password is weak, and NTLM in general remains vulnerable to relay attacks.

51
Q

Which network authentication protocol is used in Active Directory environments?

A

The Kerberos protocol is used in Active Directory environments for network authentication. It involves components such as the Key Distribution Center (KDC), Authentication Service (AS), Ticket Granting Service (TGS), and Ticket Granting Ticket (TGT).

52
Q

What is the Extensible Authentication Protocol (EAP) used for?

A

The Extensible Authentication Protocol (EAP) is a standardized framework used for network authentication. It allows for various authentication methods, such as certificates and smart cards, and ensures secure communication using protocols like TLS.

53
Q

What is IEEE 802.1X and how does it control network access?

A

IEEE 802.1X is a port-based network access control standard: a device (the supplicant) must authenticate before the port or wireless association it connects through is allowed to carry normal traffic. The network edge device, such as a switch or wireless access point (the authenticator), relays the EAP exchange to a centralized authentication server, usually RADIUS, which makes the decision; the same RADIUS server commonly handles VPN concentrators and other remote-access gateways.

54
Q

What is the role of a RADIUS client and RADIUS supplicant?

A

The RADIUS client is the network edge device, such as a switch, access point, or VPN concentrator, that receives the connection attempt and forwards authentication requests to the centralized RADIUS server; in 802.1X terminology it is the authenticator, and RADIUS documents also call it the network access server (NAS). The supplicant is the user or device seeking network access, such as a smartphone or computer; it talks to the edge device, not directly to RADIUS.

55
Q

Why is using a centralized authentication server, like RADIUS, preferred over storing credentials on network edge devices?

A

Storing credentials on each network edge device means copies of the user database on many devices with limited storage and weak protection, no single place to revoke an account or enforce policy, and no consolidated log of who connected where. A centralized authentication server such as RADIUS keeps one authoritative source (often backed by a directory), applies the same policy everywhere, and records every attempt centrally, which is better both for security and for administration.

56
Q

What is single sign-on (SSO)?

A

Single sign-on (SSO) is a mechanism that allows users to authenticate once and then access multiple systems or applications without re-entering their credentials. It improves the user experience and reduces password sprawl, but it also concentrates risk in the one identity that unlocks everything, so the SSO identity provider account must be protected with strong multifactor authentication and monitored closely.

57
Q

What are OpenID and OAuth used for?

A

OpenID and OAuth are protocols used in federated identity and single sign-on, but they solve different problems. OpenID (and its modern form, OpenID Connect, which is built on OAuth 2.0) is for authentication: it lets a user prove who they are to many websites with one identity provider. OAuth is for delegated authorization: it lets a user grant a third-party application limited access to their resources, through an access token, without ever sharing their credentials with that application. Using a bare OAuth access token as proof of identity is a common mistake; OpenID Connect adds the signed ID token that makes authentication safe.

58
Q

What is Identity Federation?

A

Identity Federation is an arrangement in which multiple resource providers (service providers or relying parties) trust a centralized identity provider (IdP) for authentication. The IdP, such as Google, Facebook, or a corporate Entra ID or ADFS instance, authenticates the user and issues a digitally signed security token (for example a SAML assertion or an OpenID Connect ID token) that the resource providers accept as proof of identity, so the user does not authenticate separately to each one.

59
Q

What is a Security Assertion Markup Language (SAML) token?

A

A Security Assertion Markup Language (SAML) token is a digitally signed authentication token issued by an identity provider (IDP) in an identity federation environment. It serves as proof of identity and is passed from the IDP to the resource provider to grant access to resources.

60
Q

What are some examples of identity providers (IDPs) used in Identity Federation?

A

Examples of identity providers (IDPs) used in Identity Federation include Google, Facebook, Twitter, and on-premises solutions like Microsoft Active Directory Federation Services (ADFS). These IDPs act as centralized trusted sources for authentication and enable single sign-on across multiple applications or websites.

61
Q

What are some commonly used protocols within Identity Federation?

A

Some commonly used protocols within Identity Federation include OpenID, OAuth, and SAML. OpenID enables users to use a single set of credentials across different websites, OAuth allows users to grant access to their resources without sharing credentials, and SAML provides a standard format for exchanging authentication and authorization data between the identity provider and resource provider.