Flashcards in Chapter 2 - Understanding Identity & Access Management. Deck (42)
________ allows entities to prove their identity by using credentials known to another entity.
________ occurs when a user claims or professes an identity, such as with a username, an email address, a PIV card, or by using biometrics.
Authentication occurs when an entity provides proof of an identity (such as a password) (T/F)?
What is the second identity that verifies the authentication?
Your organization is planning to implement remote access capabilities. Management wants strong authentication and wants to ensure that passwords expire after a predefined time interval. Which of the following choices BEST meets this requirement?
B). TOTP (a time-based one-time password).
- passwords created with TOTP expire after 30 seconds.
An HMAC-based One-Time Password (HOTP) creates passwords that do not expire (T/F)?
Kerberos uses ______ instead of passwords.
A network includes a ticket-granting ticket server used for authentication. Which authentication service does this network use?
What is a TGT server?
Ticket-granting server. It creates tickets for authentication.
Shibboleth is a federated identity solution used in some single sign-on (SSO) solutions (T/F)?
_______ methods track user activity and record the activity in logs.
What are the 5 factors of authentication?
- something you know
- something you have
- something you are
- somewhere you are
- something you do
Which is the least secure form of authentication?
Something you know (refers to a shared secret such as a password).
Strong passwords are complex and at least ____ characters long.
_____-_____ password systems automate password recovery.
Password policies provide a technical means to ensure users employ secure password practices (T/F)?
Password length specifies the ______ number of _______ in the password.
_______ _______ ensures passwords are complex and includes at least three of the four character types, such as special characters.
What remembers past passwords and prevents users from reusing passwords?
Your organization is implementing an SDN. Management wants to use an access control model that controls access based on attributes. Which of the following is the BEST solution?
D). Attribute-based access control (ABAC)
Mandatory Access Control (MAC) uses ____ assigned to _____ and _____?
This access control model uses roles or groups to assign rights and permissions.
Role-based access control (role-BAC).
This access control model has an owner, and the owner establishes access for the objects.
Discretionary access control (DAC).
_______ password age is used with password history to prevent users from changing their password repeatedly to get back to the original password.
_______ password age or password expiration forces users to change their password periodically.
______ _____ are credit card-sized cards that have embedded certificates used for authentication. They require PKI to issue certificates.
_____ and _____ are open source standards used to create one-time use passwords.
HOTP and TOTP
HOTP creates a one-time-use password that expires (T/F)?
- the passwords DO NOT expire.
TOTP creates a one-time password that expires after ____ seconds?