Chapter 2 - Understanding Identity & Access Management: Flashcards Preview

CompTIA Sec+ SY0-501 > Chapter 2 - Understanding Identity & Access Management > Flashcards

Flashcards in Chapter 2 - Understanding Identity & Access Management Deck (42)
1

________ allows entities to prove their identity by using credentials known to another entity.

Authentication

2

________ occurs when a user claims or professes an identity, such as with a username, an email address, a PIV card, or by using biometrics.

Identification

3

Authentication occurs when an entity provides proof of an identity (such as a password) (T/F)?

True!

4

What is the second identity that verifies the authentication?

Authenticator

5

Your organization is planning to implement remote access capabilities. Management wants strong authentication and wants to ensure that passwords expire after a predefined time interval. Which of the following choices BEST meets this requirement?

A). HOTP
B). TOTP
C). CAC
D). Kerberos

B). TOTP (a time-based one-time password).

- Passwords created with TOTP expire after 30 seconds.

6

An HMAC-based One-Time Password (HOTP) creates passwords that do not expire (T/F)?

True!

7

Kerberos uses ______ instead of passwords.

Tickets

8

A network includes a ticket-granting ticket server used for authentication. Which authentication service does this network use?

A). Shibboleth
B). SAML
C). LDAP
D). Kerberos

D). Kerberos

9

What is a TGT server?

Ticket-granting server. It creates tickets for authentication.

10

Shibboleth is a federated identity solution used in some single sign-on (SSO) solutions (T/F)?

True!

11

_______ methods track user activity and record the activity in logs.

Accounting

12

What are the 5 factors of authentication?

- something you know
- something you have
- something you are
- somewhere you are
- something you do

13

Which is the least secure form of authentication?

Something you know (refers to a shared secret such as a password).

14

Strong passwords are complex and at least ____ characters long.

14

15

_____-_____ password systems automate password recovery.

Self-service

16

Password policies provide a technical means to ensure users employ secure password practices (T/F)?

True!

17

Password length specifies the ______ number of _______ in the password.

- minimum
- characters

18

_______ _______ ensures passwords are complex and include at least three of the four character types, such as special characters.

Password complexity

19

What remembers past passwords and prevents users from reusing passwords?

Password history

20

Your organization is implementing an SDN. Management wants to use an access control model that controls access based on attributes. Which of the following is the BEST solution?

A). DAC
B). MAC
C). Role-BAC
D). ABAC

D). Attribute-based access control (ABAC)

21

Mandatory Access Control (MAC) uses ____ assigned to _____ and _____.

- labels
- subjects
- objects

22

This access control model uses roles or groups to assign rights and permissions.

Role-based access control (role-BAC).

23

This access control model has an owner, and the owner establishes access for the objects.

Discretionary access control (DAC).

24

_______ password age is used with password history to prevent users from changing their password repeatedly to get back to the original password.

Minimum

25

_______ password age or password expiration forces users to change their password periodically.

Maximum

26

______ _____ are credit card-sized cards that have embedded certificates used for authentication. They require PKI to issue certificates.

Smart cards

27

_____ and _____ are open source standards used to create one-time use passwords.

HOTP and TOTP

28

HOTP creates a one-time-use password that expires (T/F)?

False!

- The passwords DO NOT expire.

29

TOTP creates a one-time password that expires after ____ seconds?

30

30

Biometric methods are the most difficult to falsify (T/F)?

True!