Chapter 3: Review Questions Flashcards
What is the most common form of authentication that is most likely to be entered incorrectly?
Passwords are one of the most common ways of authenticating a user, and they are the most likely to be entered incorrectly.
When I purchase a new wireless access point, what should I do first?
Need an answer.
What is password history?
The list of passwords that the users used for their respective account.
How can I prevent someone from reusing the same password?
You can enforce a group policy that either enforces password history or password reuse. This will force the user to use the number of passwords indicated by the policy before they can reuse one.
Explain what format a complex password takes.
The following four formats can be used to increase the password complexity:
- Lowercase
- Uppercase
- Numbers
- Special Characters Not Used in Programming
How can I prevent a hacker from inserting a password multiple times?
Need an Answer
What type of factor authentication is a smart card?
Something You Have
How many factors is it if I have a password, PIN, and date of birth?
Only one: Something You Know
What is biometric authentication?
Something You Are
What authentication method can be used by two third parties that participate in a joint venture?
Federation Services
What is an XML-based authentication protocol?
When two companies need to exchange the extended attribute information, they use an XML-based authentication protocol, which is used to pass the credentials between Company A and Company B: Security Assertion Markup Language (SAML).
What is Shibboleth?
This is an open-source federation service product that uses SAML authentication. It is used in a small federation service environment. It can use cookies as well.
What protocol is used to store and search for Active Directory objects?
LDAP
What is the format of a distinguished name for a user called Fred who works in the IT department for a company with a domain called Company A that is a dotcom?
CN= Fred, OU=IT department, DC=CompanyA, DC=com
What authentication factor uses tickets, timestamps, and updated sequence numbers and is used to prevent replay attacks?
Kerberos
What is a Ticket Granting Ticket (TGT) session?
This is where a user sends their credentials (username and password, or it could be a smart card and PIN) to a domain controller that starts the authentication process and, when it has been confirmed, will send back a Service Ticket that has a 10-hour lifespan.
What is single sign-on? Give two examples.
Need an Answer
How can I prevent a pass-the-hash attack?
Kerberos prevents pass-the-hash attacks because it uses tickets to verify authentication.
Give an example of when you would use OpenID Connect.
If I am signing into my Brainscape account, it asks me if I want to sign in using my Apple Account credentials; this is an example of OpenID Connect.
Name two AAA servers and the ports associated with them.
RADIUS and TACACS+. RADIUS authentication uses UDP port 1812. TACACS+ uses TCP port 49 for authentication.
What is the purpose of a VPN solution?
A VPN allows someone to remotely access a corporate network through the internet.
Why should we never use PAP authentication?
It is because the passwords are transmitted in clear text.
What type of device is an iris scanner?
It is a biometric device.
What could be two drawbacks of using facial recognition?
Lighting and the need to look straight at the camera every time you had to use facial recognition.
What is Type II in biometric authentication and why is it a security risk?
Type II in biometric authentication is where unauthorized individuals are accepted by the biometric system and allowed access to data. This is a security risk because people who don't have the clearance are gaining access to resources they shouldn't have.
What is used for accounting in an AAA server?
RADIUS Clients and it uses UDP port 1813.
What is a time-limited password?
Need an Answer.