Miscellaneous Authentication Technologies

Question 1

SMS

Answer 1

This is used as an additional layer of security where the user is authenticated and a SMS message is sent to he user’s cell phone. They then insert the code and are authenticated. there is usually a time limit associated with its use.

Question 2

Token Key

Answer 2

Tokens can very from a hardware device that received a one-time password, that would normally last between 30-60 seconds, to the fob or card used to gain access to a building via a card reader

Question 3

Push Notification

Answer 3

An email is sent to the user when access to their system has been received by an unusual device; for example, if I access Dropbox from a friend’s laptop

Question 4

Phone Call

Answer 4

When someone has accessed a system, they may receive a phone call as an additional layer of security.

Question 5

JavaScript Object Notation Web Token (JWT)

Answer 5

JWT is an internet standard where the server signs a token with its private key and sends it to a user to prove who they are. It can also be used to digitally sign documents and email. It is used by OAuth. For example, it may be passed through an HTTP header to prove the identity of a user, sometimes known as a claim.

Question 6

Static Code

Answer 6

These codes change after a period of time, like a PIN for a smart card. These are commonly used by broadband engineers

Question 7

Authentication Applications

Answer 7

This could be using Kerberos, who completes a Ticket Granting Ticket (TGT) session that results in a ticket that can be exchanged to give access to applications.