Week 3 - Authentication Flashcards
What are the 3 a’s of cybersecurity?
- Authentication (proving you are who you are)
- Authorization (granting access)
- Accounting
How do you safeguard against potential undetected compromise of passwords?
a password rotation policy (but the rotation interval should not be too short, or it encourages poor security behavior)
What is multifactor authorization?
users are authenticated by providing multiple pieces of info or objects (like codes)
What are 5 types of authentication methods?
- Something you know - password or PIN
- Something you have - bank card, USB device, key fob, or OTP (one-time password)
- Something you are - biometric data, like a fingerprint, voice signature, facial recognition, or retinal scan
- Somewhere you are - geofencing, GPS, Indoor Positioning Systems (IPS), NFC scanning, geolocation
- Something you do - gestures, swipe patterns, CAPTCHA, or patterns of behavior
Which is more secure, iris or retinal scanning?
Retinal scanning (an iris scan can be fooled with just a photo)
What are client certificates?
allow servers to authenticate and verify clients
Certificates are ____ keys
public keys
Certificates are signed by a...?
certificate authority or CA
In order to issue client certificates, an organization must?
set up and maintain CA infrastructure to issue and sign certificates
What is a certificate revocation list (CRL)?
a signed list published by the CA (certificate authority) which defines certificates that have been explicitly revoked
What does RADIUS stand for?
Remote Authentication Dial-In User Service
What is RADIUS?
a protocol that provides AAA (authentication, authorization, accounting) services for users on a network
[the 3 a’s of cybersecurity]
What are tickets?
a sort of token that proves your identity
(tickets are used by Kerberos for example)
What is TACACS+ mainly used for?
authentication system for network infrastructure services (device AAA)