Networking Security Flashcards
What is AAA stand for?
Hint: AAA is a misnomer
- I = Identification (Hidden)
- A = Authentication
- A = Authorization
- A = Accounting
- A = Auditing (Hidden)
What is an example of:
- Identification
- Authentication
- Authorization
- Accounting
- Auditing
- Providing Username
- Proving you say who you are
- Getting Access
- Collecting Logs
- Review of Logs
What is RADIUS?
A AAA Implementation used for Network access
What are 3 characteristics of RADIUS?
- Primarily used for network access
- Combines Authentication and Authorization
- Encrypts only the password in the access-request packet
What is TACACS+?
A AAA implementation used for Network Device Management
What are 3 characteristics of TACACS+?
- Encrypts the entire access-request packet
- Primarily used for network device administration
- Separates authentication and authorization
What wireless encryption scheme offers the highest level of protection?
- What encryption schemes can be used for it and which is best?
WPA3
- AES-CCMP
- AES-GCMP (Best)
What security protocol is designed to strengthen WEP implementations?
TKIP
What cryptographic algorithm is the least vulnerable to attacks?
AES (Advanced Encryption Standard)
What encryption scheme is used in WiFi Protected Access 2 (WPA2)?
AES-CCMP
What refers to a client authentication method used for the following:
- WPA2 Personal mode
- WPA3 Personal mode
- PSK (Pre-Shared Key)
- SAE (Simultaneous Authentication of Equals)
What would be the best solution for securing a small network that lacks an authentication server?
WPA3-SAE
What are 3 characteristic features of WPA2/WPA3 Enterprise mode?
- Used for Large Corporate Networks
- IEEE 802.1X
- Requires RADIUS Authentication Server
What authentication protocol can be used to enable SSO in Windows-based network environments?
Kerberos
In the Kerberos-based authentication process, the purpose of the client’s timestamp is to provide a countermeasure against:
Replay Attacks