Week 5 Authentication & Access Control Flashcards
(9 cards)
1
Q
What is authentication?
A
Methods and techniques to verify the identity of users, devices, or entities attempting to access a system or resource.
2
Q
What are the principles of authentication?
A
- Identification:
- Verification:
- Authorization:
- Authentication Factors:
3
Q
What are some common authentication methods?
A
- Password-based Authentication:
- Multi-factor Authentication (MFA):
- Biometric Authentication:
- Token-based Authentication:
- Certificate-based Authentication:
- Single Sign-On (SSO):
- Risk-based Authentication:
4
Q
What are the best practices for authentication?
A
- Use Strong Password Policies
- Implement MFA
- Secure Authentication Data:
- Regularly Update Authentication Mechanisms:
- Monitor and Audit Authentication Events
- Educate Users
- Continuously Assess and Improve:
5
Q
What is Access Control?
A
Regulates and restricts access to resources, systems, or data within a computing environment.
6
Q
What are the principles of access controls?
A
- Principle of Least Privilege (PoLP):
- Need-to-Know Principle:
- Separation of Duties (SoD):
7
Q
What are the different types of access control?
A
- Discretionary Access Control (DAC):
- Mandatory Access Control (MAC):
- Role-Based Access Control (RBAC):
- Attribute-Based Access Control (ABAC):
8
Q
What are the access control mechanisms?
A
- Authentication:
- Authorization:
- Access Enforcement:
- Auditing and Monitoring:
9
Q
What are the best practices for access control?
A
- Implement Defense-in-Depth:
- Regularly Review and Update Policies:
- Enforce Strong Authentication:
- Apply Principle of Least Privilege:
- Secure Administrative Access:
- Monitor and Audit Access:
- Provide User Education and Awareness: