Chapter 4 Flashcards

1
Q

What is 802.11i used for?

A

Wifi Security Standard, fully implemented in WPA2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is 802.1x used for?

A

to authenticate devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How do you describe CER?

A

The point at which false rejections and false acceptances are equal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is type I authentication?

A

Something you know

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is type II authentication?

A

Something you have

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is type III authentication?

A

Something you are

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does SAML do?

A

XML Open standard data format for exchanging authentication and authorization data between parties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does OAUTH do?

A

open standard for token based authentication and authorization on the internet and allow end users account info to be used by third party services, without exposing password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does OpenID do?

A

done by third party, used to sign in to any website that accepts it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is NTLM?

A

Used by Windows to authenticate server that is not part of network domain

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What network protocol can uses digital certificates to authenticate with RADIUS?

A

802.1x

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How are rainbow tables best mitigated against?

A

Longer Passwords

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does Kerberos use to issue tickets?

A

Key Distribution Center

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does TACACS+ do?

A

Provides authentication and authorization and accounting requests against central database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a weakness if SAML?

A

The integrity of it’s users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is Shibboleth?

A

Middleware solution for authentication and identity management that uses SAML.

17
Q

What is Credentialed Management?

A

Allows users to avoid to remember login credentials use logins from the originating network.

18
Q

What is the weakness of PAP?

A

Credentials sent in cleartext.

19
Q

Difference between CHAP and MS-CHAPv2?

A

MS-CHAPv2 provides for mutual authentication and CHAP only provides authenticating client to the server.

20
Q

Which access control model is based on the Trusted Computer System Evaluation Criteria (TCSEC)?

A

DAC

21
Q

Ingrid is reviewing her company’s recertification policy. Which of the following is the best reason to recertify?

A

to audit permissions