Section 2.4 Authentication and Authorization Design concepts Flashcards
What authentication concept is the process of presenting valid credentials to the system?
Identification/Identity Proofing
What authentication concept is the process of validating the user’s identification?
Authentication
What authentication concept is the act of granting permission to an object?
Authorization
What authentication concept is the process of logging a users’ activities and behaviors, the amount of data they use, and the resources they consume?
Accounting
What does the AAA in the AAA framework stand for?
Authentication, Authorization, and Accounting
What authentication refers to requiring only one factor (such as a password) to authenticate a user?
Single-factor authentication
What authentication typically combines two single-factor authentication types, such as something the user knows and something the user possesses?
Two-factor authentication
What is the strongest form of user authentication?
Multifactor authentication
What authentication involves a combination of physical item, such as a smart card, token, or biometric factor, and a non-physical item, such as a password, passphrase, or PIN?
Multifactor authentication
What do you call a repository of information regarding the users and resources of a network?
Directory services
What service is the underlying protocol that is found in most modern directory service implementations?
LDAP
What does LDAP stand for?
Lightweight Directory Access Protocol
What protocol uses TCP port 389?
LDAP (unencrypted)
What protocol uses TCP port 689?
LDAP over SSL
What protocol uses TCP port 636?
LDAP over TLS
What concept allows the user to be authenticated only once on the network to access the resources on it?
Single Sign-on
What concept allows a users identity and associated attributes to be carried with them across enterprise boundaries?
Federation
Federated identities center on the concept of _________, where the trust relationship between the two domains allows authentication of trusted users across both domains?
Transitive Trust