Chapter 4 - Access Control, Authentication & Authorization Flashcards
What’s the concept behind “access control”?
4-131
Let the right ones in, keep the wrong ones out.
Tell me the difference between identification and authentication.
4-131
identification - finding out who someone is
authentication - verifying the identification
You have two or more parties authenticating each other. What is this called?
4-132
mutual authentication
You have an authentication process, and in that process, two or more access methods are included. What kind of authentication system is this?
4-133
multifactor authentication
Tell me the 5 “factors” you have to work with when building your authentication system.
4-131
something you know, have, are, or do
somewhere you are
What does NAC stand for?
4-134
network access control
True/False: Security tokens are used to identify and authenticate the user, and because of this, they are similar to certificates.
4-135
True
You have a group of computer networks that all agree on standards of operation. What do you call this?
hint: Star Wars
4-135
a federation
Your identity, linked with your privileges, allows you to cross business units and business boundaries. What kind of identity is this?
4-135
a federated identity
You are a user on a client PC communicating with an authentication server. Tell me the steps involved in the security token authentication.
4-136
server presents a challenge to the PC
PC provides a response
server sends a token device challenge
PC sends back a valid certificate
server grants authentication
You have an Active Directory and the domains of your forest trust each other. By default, these trusts are _______ and _______.
4-136
two-way, transitive
Tell me the difference between PAP and SPAP.
4-139
PAP sent stuff in plain text. SPAP encrypts stuff, THEN sends it.
A protocol was designed to stop man-in-the-middle attacks. What is that protocol?
There is another protocol that uses the aforementioned protocol to provide authentication. Which protocol is that?
4-139
CHAP
PPP
Which protocol uses a time based factor for the creation of new passwords?
4-139
TOTP
Which protocol is based on a hash message algorithm?
4-139
HOTP
Tell me the lockout policies at the local level. There are three of them.
4-141
account lockout duration
account lockout threshold
reset account lockout counter after
Explain to me what SLIP is.
4-143
Serial Line Internet Protocol. It’s an older protocol, was used in early remote access situations, was not secure, and could only be used to pass TCP/IP traffic.
Tell me 4 options that are common for remote authentication.
hint: tacks in a circle
4-143
TACACS, TACACS+, XTACACS, RADIUS
We’ve talked about tunneling protocols like PPTP, L2TP and SSH. How is IPSec different from these?
4-145
It isn’t a tunneling protocol, but is used alongside a tunneling protocol. It is primarily used in LAN to LAN connections, but can also be used with some remote connections.
Tell me the major difficulty with a single-server RADIUS environment.
4-145
If the server malfunctions, the entire network may refuse connections.
What is SAML for?
4-147
authentication and authorization, based on XML
You are using a KDC to get authentication to receive services from a server. What’s the problem with this?
4-148
the KDC is a single point of failure
Tell me the 4 primary methods of access control.
4-150
mandatory access control - predefined
discretionary access control - some flexibility
role-based access control - user’s role dictates access capabilities
rule-based access control - limits the user to settings in preconfigured policies
What is the SA account?
4-153
the system administrator
Why would you perform an access review?
4-154
To determine if someone’s access level is still appropriate.
There is a smart card used by the Department of Defense. What type of card is this?
4-155
Common Access Card
You are tweaking the tolerance for unanswered login attacks on your firewall. Which feature are you adjusting?
4-158
the flood guard
You want to prevent broadcast loops. Which feature will you use?
4-158
Loop protection
You have a trusted operating system that meets a set of requirements for security. Whose requirements are those?
4-159
the government’s
You have Evaluation Assurance Levels 1-7. Tell me very briefly about each one of them.
4-159
1-threats to security aren’t viewed as serious
2-good design practices for products
3-moderate levels of security
4-common benchmark for commercial security
5-high level security, security engineering has been implemented
6-specialized security engineering
7-extremely high level security
You have a router that you need to configure securely. What three steps are you going to perform?
4-160
Change the default password
walk through the advanced settings
keep the firmware updated
Tell me about LDAP and secure LDAP.
4-147
Lightweight Directory Access Protocol. Standardized directory access protocol that allows queries to be made of directories and is the main protocol used by Active Directory, port 389
secure LDAP - encrypted with SSL/TLS and port 636
In Kerberos, there are a TGT and a service ticket. Tell me the difference.
4-148
ticket granting ticket, encrypted, time limit of 10 hours
service ticket - granted by the TGT, good for 5 minutes
Lattice-Based Control. Tell me about it.
4-150
variation of MAC, involves a lattice composed of users, systems, and so forth
What is DAC?
4-151
discretionary access control - allows users to share information dynamically with other users
You are going to implement the best access control practices. What are they?
4-152 thru 160
least privilege
separation of duties
time of day restrictions
user access review
smart cards
access control lists (implicit deny, block the connection, allow the connection, allow the connection only if it is secured)
port security
Port Security has three areas. What are they?
4-157
MAC Limiting and Filtering
802.1X
Unused Ports
What is the most basic form of authentication?
4-161
single factor authentication