Identity and Access Management Flashcards

1
Q

PAP

A

Password Authentication Protocol
Used with PPP (Point-to-Point Protocol).
Sends passwords over a network in cleartext.
Used as a last resort.

2
Q

MS-CHAP and MS-CHAPv2

A

Microsoft Challenge Handshake Authentication Protocol.
Improvement over CHAP. MS-CHAPv2 supports mutual authentication, which means the client authenticates to the server AND the server authenticates to the client.

3
Q

CHAP

A

Challenge Handshake Authentication Protocol.
Uses PPP and authenticates remote users. Client and server both know a shared secret used in the authentication protocol.

4
Q

RADIUS Definition

A

Remote Authentication Dial-In User Service.
Centralized authentication service. RADIUS can also be used as an 802.1x server with WPA2 Enterprise mode. It is common for a RADIUS server to access an LDAP server that holds accounts, as opposed to holding the database itself. Uses UDP and encrypts only the password, not the entire authentication process.

5
Q

TACACS+ Definition

A

Terminal Access Controller Access-Control System Plus. Cisco alternative to RADIUS. Encrypts the entire authentication process, where RADIUS only encrypts the password. TACACS+ uses multiple challenges and responses between the client and the server. Can interact with Kerberos.

6
Q

Diameter

A

Extension of RADIUS. Uses TCP instead of UDP. Backwards compatible with RADIUS. Capable of secure transmissions with EAP.

7
Q

Role-Based Access Control

A

Uses roles to manage rights and permissions. An administrator creates roles, assigns them specific rights and permissions, and then adds users to each role as necessary. It's common to document roles and their privileges in a matrix.

8
Q

Group-based access control

A

A common way to implement role-based access control is with groups. Microsoft uses built-in security groups.

9
Q

Rule-based Access Control

A

Based on a set of approved instructions, such as an access control list. Some rule-BAC systems use rules that trigger in response to an event.

10
Q

Discretionary Access Control

A

Every object (files, folders, etc.) has an owner. The owner establishes access for the objects. A common example is the New Technology File System (NTFS) used in Windows.

11
Q

Mandatory Access Control

A

Uses labels to determine access. Widely used by military units. The MAC model uses a lattice to divide access into separate compartments.

12
Q

Attribute-Based Access Control

A

Uses attributes defined in policies to grant access to resources. Commonly used in software-defined networks (SDNs).
