35 Cards in this Set

  • Front
  • Back

What is happening when a user types their name on the screen?

This is the identification part of authentication.

From a security perspective both the ______ and __________ should be identified?

Both the User and Server are identified and it is called Mutual Authentication.

What are the five Factors that can be used to authenticate an individual?

  1. Something you know: password or PIN
  2. Something you have: swipe card or token
  3. Something you are: biometrics (strongest)
  4. Somewhere you are: GPS or IP
  5. Something you do: typing pattern

Explain the three multi-factor methods of Authentication.

  1. Single-Factor: User name and password
  2. Two-Factor: Smart-card and PIN, fingerprint and password.
  3. Three-Factor: Retina scan, swipe card and a PIN.

How are multifactor Authentication schemes determined?

The number of authentication factors used, i.e. something you know/do/are/have or somewhere you are.

Single Sign-On (SSO) is the concept of using _________ to access multiple systems?

A single sign-on to access multiple systems.

The drawbacks of SSO are?

Hack one hack all.

What are Access Tokens?

A soft (i.e. logical) token created when a user logs in that has the following:

  1. Security identifier SID: assigned to users
  2. Group Security identifiers
  3. Primary Security identifiers: (POSIX Domain users not used in Windows)
  4. Access Rights: created at logon only

You have added a user to a new group, but they do not have any access rights. What is the most likely cause of the problem?

The new user probably needs to log off and log on again to obtain an access token for the group.

Name four Authentication Protocols used in Windows?

  1. Anonymous: no log on required an account for the service.
  2. Basic: Require a log on which is sent to server in clear text.
  3. Integrated Windows: same as Basic but encrypted
  4. Kerberos: Mutual Authentication protocol; uses a KDC and sends tickets to clients for access

What are the Remote Access authentication RAS and VPN?

  1. RAS uses point-to-point connections (PPP), used by telephony applications (for dial-up), to connect to the RAS server.
  2. VPN connects to the remote VPN server using a secure channel over a trusted network. Both support PAP and CHAP.

What is the PAP authentication protocol?

  1. Password Authentication is a basic authentication and is very insecure.

What are three steps of the Challenge Handshake (CHAP) authentication protocol?

  1. The server sends a challenge key.
  2. The client combines the challenge with the password and both are run through MD5, which creates a hash value used by the server for authentication.
  3. The server uses the key to create a hash value with the stored password, which is compared to the client hash value, thereby validating the password.

What is the MS-CHAP authentication protocol?

A variation of CHAP protocol that uses MD4 versus MD5 along with Microsoft Point-to-Point Encryption (MPPE) to encrypt all traffic from the client to the server.

What is the MS-CHAPv2 authentication protocol?

A variation of MS-CHAP that authenticates both the client and the server using stronger encryption keys.

What is the Extensible Authentication Protocol (EAP)?

It allows for multiple logon methods such as smartcard logon, certificates, Kerberos and public-key authentication. It is also used with RADIUS.

RADIUS is a central authentication service that can be used with which other protocols? One drawback of RADIUS is?

This central authentication can be used with RAS, wireless or VPN solutions. It encrypts only the password.

What are three aspects of the Authentication Services (AAA)?

  1. Authentication = verification
  2. Authorization = network access
  3. Accounting = logging activities for billing

Name three AAA services?

  1. RADIUS: TCP based Remote Access Dial-In User Service
  2. Diameter: designed to replace RADIUS; it is more reliable, secure and scalable.
  3. TACACS & XTACACS: Terminal Access Controller Access Control System; an improvement over RADIUS because it encrypts all sent info

Radius uses which transport layer protocol and which ports?

  1. UDP is the protocol and the ports are 1812 and 1813.

Name two Authentication protocols that use applications to authenticate to a directory and then to retrieve information about objects in the directory?

Lightweight Directory Access Protocol (LDAP)

LDAP (uses TCP port 389) and secure LDAP (uses TCP port 636 and is encrypted)

Name two Authentication protocols that generate passwords? How are they different?

Time-based One-Time Password (TOTP) is generated based on the current time, while HOTP is HMAC-based, i.e. based on the Hash Message Authentication Code, which involves the use of a hashing code.

Which Authentication protocol is an XML standard designed for authentication and authorization, often used with identity federation?

SAML (Security Assertion Markup Language).

What is Federation Authentication protocol?

A term used to authenticate and authorize users across organizations and application boundaries through the use of an Identity Management system.

Note: In FID, a user's credentials are always stored with the "home" organization (the "identity provider").

Which two Authentication protocols are based on trust?

  1. Trusted OS uses multiple security layers i.e. authentication and authorization.
  2. Transitive trust: access is based on a trust model, i.e. Computer A trusts Computer B ...

Implicit Deny Authentication protocol is based on

Denying anyone access to a system until they are authenticated.

What is the most common form of authentication?

Unique user name and password.

What is the difference between authentication and identification?

Identification is presenting documents to show identity, and authentication is proving your identity by knowing a password.

What are the three major token types?

  1. Hardware token
  2. Software token i.e. app
  3. Logical tokens generated at log on containing a SID and a list of privileges.

What is the most secure Biometric authentication?

Iris scan which scans the colored part of the eye.

What does the Retina scan do?

Scans the pattern of blood vessels around the retina.

Name types of Biometric Errors?

  1. Type I false reject rate (FRR)
  2. Type II false acceptance (FAR)

What is the crossover error rate (CER)?

Measurement of the accuracy of a biometric device.

What are two types of smart cards?

  1. CAC (common access card) is an identity card used with a PIN
  2. PIV (personal identification verification) card is used to store information about personnel, i.e. authentication and biometrics

When using a VPN to connect to a RADIUS server the VPN is called the?

RADIUS client.