Identity and Access Management

Question 1

Proves who I am to the authenticating system

Answer 1

Identification

Question 2

What rights do I have to the system once I have been authenticated

Answer 2

Authorization

Question 3

takes place by me proving that i have authorization to that system

Answer 3

Authentication

Question 4

What are the Authentication factors

Answer 4

Knowledge, possession, inherence

Question 5

Something you know authentication factor

Answer 5

Knowledge (passwords, etc)

Question 6

something you have authentication factor

Answer 6

possession (smart card, etc)

Question 7

something about you authentication factor

Answer 7

inherence (biometrics)

Question 8

inherited from a different trusted system

Answer 8

Federated trust

Question 9

using two or more authentication factors

Answer 9

multi factor authentications

Question 10

The things assigned to you that you can do

Answer 10

Permissions

Question 11

Assigned at the system level

Answer 11

Rights/Privileges

Question 12

Give your user or groups the least amount of privilege to their job done

Answer 12

Least privilege

Question 13

Labels authorization mode

Answer 13

Mandatory Access Control (MAC)

Question 14

owner of the data defines access

Answer 14

Discretionary Access Control (DAC)

Question 15

Access to resources is defined by a set of rules (Groups)

Answer 15

Role-based Access Control (RBAC)

Question 16

A list of permissions attached to an object

Answer 16

Access Control lists

Question 17

Tool used to configure a security policy setting on the local device, on a domain joined device and on a domain controller

Answer 17

Local Security Policy

Question 18

Collection of settings that define what a system will look like and how it will behave for a defined group of users

Answer 18

Group Policy Objects

Question 19

What are the three permissions that can be given on a Linux file system?

Answer 19

Read, Write, Execute

Question 20

What are the three groups that can be given rights in a linux file system?

Answer 20

Owner, Group, Everyone

Question 21

What command is used to change the permissions in a Linux File system?

Answer 21

chmod

Question 22

What command is used to change the owner in a Linux File system?

Answer 22

chown

Question 23

What command is used to change the password of a user in a Linux File system?

Answer 23

passwd

Question 24

In a windows system, granted to users and groups on folders and files

Answer 24

NTFS Permissions

Question 25

Permissions given to a folder is also given to sub folders and files within the folder

Answer 25

Inheritance

Question 26

How can inheritance be turned off?

Answer 26

using the Deny checkbox

Question 27

Networking protocol that provides AAA management for users who connect and use a network service

Answer 27

Remote Authentication Dial-In User Service (RADIUS)

Question 28

What does the RADIUS server contain?

Answer 28

usernames and passwords

Question 29

In RADIUS, what is the gateway that separates what we are trying to authenticate to and the person trying to authenticate?

Answer 29

RADIUS client

Question 30

In RADIUS, what is the person or system trying to get authenticated called?

Answer 30

RADIUS supplicant

Question 31

What four ports can RADIUS use?

Answer 31

1812, 1812, 1645, 1646

Question 32

What is the downside to using RADIUS?

Answer 32

Doesn’t handle authorization

Question 33

What is the protocol developed by Cisco and released as an open standard in 1993??

Answer 33

Terminal Access Controller Access-Control System Plus (TACASC+)

Question 34

What does TACASC+ handle?

Answer 34

authentication, authorization, and accounting (AAA)

Question 35

what port does TACACS+ use?

Answer 35

49

Question 36

What is the oldest authentication method that sends username and password in the clear?

Answer 36

Password Authentication Protocol (PAP)

Question 37

Which authentication method has a key on both server and client, a challenge message, and sends hash along with challenge message over to the client?

Answer 37

Challenge-Handshake Authentication Protocol (CHAP)

Question 38

Which authentication method is used for two windows systems within a work group logging into each other? Also referred to “double CHAP”.

Answer 38

NT LAN Manager (NTLM)

Question 39

Which authentication method uses windows domain controllers?

Answer 39

Kerberos

Question 40

What port does Kerberos use?

Answer 40

Port 88

Question 41

What is used exclusively for authenticating for web applications?

Answer 41

Security Assertion Markup Language (SAML)

Question 42

Which authentication method is more of a structured language that allows one computer to go into someone else’s directory and query and udpate it?

Answer 42

Lightweight Directory Access Protocol (LDAP)

Question 43

What port does LDAP use?

Answer 43

TCP/UDP Port 389

Question 44

using Kerberos, what is the domain controller called?

Answer 44

Key distribution center

Question 45

What tool could you use to set up single sign on within a LAN?

Answer 45

Windows Active Directory

Question 46

What is the protocol that allows Linux users to use Active Directory

Answer 46

SAMBA

Question 47

What determines the number of times you can unsuccessfully attempt to log in before you are shut out of the system for a specified period?

Answer 47

account lockout threshold

Question 48

Where are the settings for passwords located?

Answer 48

Local Security Policy

Question 49

What relates to how long a password is active before it must be changed?

Answer 49

Maximum password age

Question 50

What determines how long the user will be locked out of the system before he can attempt to log on again?

Answer 50

Account lockout duration