Chapter 8 Flashcards
DAC (Discretionary Access Control)
Users have control over access to their own data or local computer resources.
EAP (Extensible Authentication Protocol)
An authentication framework that is commonly used for wireless networks.
CHAP (Challenge Handshake Authentication Protocol)
An authentication protocol designed to provide more security than protocols like PAP; it uses an encrypted challenge and a three-way handshake to send credentials.
PAP (Password Authentication Protocol)
A password-centric authentication protocol that was commonly used with PPP (Point-to-Point Protocol) to authenticate users.
RADIUS (Remote Authentication Dial-in User Service)
One of the most common AAA (Authentication, Authorization, and Accounting) systems for network devices, wireless networks, and other services.
TACACS+ (Terminal Access Controller Access Control System Plus)
A Cisco-designed extension to TACACS that uses TCP traffic to provide AAA services.
Kerberos
Designed to operate on untrusted networks and uses authentication to shield its authentication traffic.
SAML (Security Assertion Markup Language)
An XML-based open standard for exchanging authentication and authorization information.
OpenID
An open standard for decentralized authentication. An example is using your Google account to log into another service.
OAuth
An open standard for authorization used by many websites.
SSO (Single Sign On)
Allows a user to log in with a single identity and then use multiple systems or services without reauthenticating.
MFA (Multifactor Authentication)
Three major factors are used to create multifactor authentication:
Something you know
Something you have
Something you are
KBA (Knowledge Based Authentication)
i.e. security questions
PAM (Privileged Access Management)
Tools that are used to handle administrative and privileged accounts.
ABAC (Attribute Based Access Control)
Relies on policies driven by attributes of the users.