Chapter 5: Identity & Access Management Flashcards

1
Q

An access control model that focuses on subjects & identifies the objects that each subject can access is a(n)…?

A

A capability table.

2
Q

Order these steps:
1. Client/Server Ticket
2. TGT Ticket
3. Client/TGS Ticket
4. User Accesses Service
5. User Provides Auth Credentials

A

5,3,2,1,4

3
Q

What is a Shortcut Trust?

A

A transitive trust within a forest, created to shorten the trust path in a large and complex domain structure.

4
Q

What is a Forest Trust?

A

A forest trust allows administrators to connect two AD DS forests with a single trust relationship.

5
Q

What is a Realm Trust?

A

A trust between a domain or forest and another domain or forest that is not based on Windows Active Directory.

6
Q

Differentiate TACACS, TACACS+, & XTACACS.

A

1. TACACS combines authentication & authorization.
2. XTACACS separates authN, authZ, and auditing.
3. TACACS+ is XTACACS with extended two-factor user authN.

7
Q

What is ADFS?

A

Active Directory Federation Services, a Microsoft software component that allows users to access applications and systems across organizational boundaries using single sign-on (SSO).

8
Q

What encryption is used during the Kerberos login process?

A

AES

9
Q

Mandatory Access Control is based on what type of model?

A

Lattice-based

10
Q

Biba is what type of Access Control Model?

A

MAC (Mandatory Access Control)

11
Q

What type of Access Control best describes NAC’s posture assessment capability?

A

A risk-based access control.

12
Q

What type of Access Control uses a table or matrix to map out access privileges?

A

Mandatory Access Control

13
Q

Which of these are common web application session management techniques?
1. IP Tracking
2. Cookies
3. URL rewriting
4. TLS tokens

A

2, 3

14
Q

What is SPML?

A

Service Provisioning Markup Language

15
Q

RADIUS supports TLS over…?

A

TCP

16
Q

What is a tool that can allow cloud-based applications to act on behalf of a user?

A

OAuth

17
Q

What authentication technology can be paired with OAuth to perform identity verification & obtain user profile info using a RESTful API?

A

OpenID Connect

18
Q

What is ABAC?

A

A policy-based authorization system that determines if a user has access permissions based on attributes associated with the user, the environment, & the resources being accessed.