Flashcards in Chapter 4 - Access Control, Authentication & Authorization Deck (38)
What's the concept behind "access control"?
Let the right ones in, keep the wrong ones out.
Tell me the difference between identification and authentication.
identification - finding out who someone is
authentication - verifying the identification
You have two or more parties authenticating each other. What is this called?
You have an authentication process, and in that process, two or more access methods are included. What kind of authentication system is this?
Tell me the 5 "factors" you have to work with when building your authentication system.
something you know, have, are, or do
somewhere you are
What does NAC stand for?
network access control
True/False: Security tokens are used to identify and authenticate the user, and because of this, they are similar to certificates.
You have a group of computer networks that all agree on standards of operation. What do you call this?
hint: Star Wars
Your identity, linked with your privileges, allows you to cross business units and business boundaries. What kind of identity is this?
a federated identity
You are a user on a client PC communicating with an authentication server. Tell me the steps involved in the security token authentication.
server presents a challenge to the pc
pc provides a response
server sends a token device challenge
pc sends back a valid certificate
server grants authentication
You have an Active Directory and the domains of your forest trust each other. By default, these trusts are _______ and _______.
Tell me the difference between PAP and SPAP.
PAP sends credentials in plain text. SPAP encrypts them, THEN sends them.
A protocol was designed to stop man-in-the-middle attacks. What is that protocol?
There is another protocol that uses the aforementioned protocol to provide authentication. Which protocol is that?
Which protocol uses a time-based factor for the creation of new passwords?
Which protocol is based on a hash message algorithm?
Tell me the lockout policies at the local level. There are three of them.
account lockout duration
account lockout threshold
reset account lockout counter after
Explain to me what SLIP is.
Serial Line Internet Protocol. It's an older protocol that was used in early remote access situations; it was not secure and could only be used to pass TCP/IP traffic.
Tell me 4 options that are common for remote authentication.
hint: tacks in a circle
TACACS, TACACS+, XTACACS, RADIUS
We've talked about tunneling protocols like PPTP, L2TP and SSH. How is IPSec different from these?
It isn't a tunneling protocol, but is used alongside a tunneling protocol. It is primarily used in LAN to LAN connections, but can also be used with some remote connections.
Tell me the major difficulty with a single-server RADIUS environment.
If the server malfunctions, the entire network may refuse connections.
What is SAML for?
authentication and authorization, based on XML
You are using a KDC to get authentication to receive services from a server. What's the problem with this?
the KDC is a single point of failure
Tell me the 4 primary methods of access control.
mandatory access control - predefined
discretionary access control - some flexibility
role-based access control - user's role dictates access capabilities
rule-based access control - limits the user to settings in preconfigured policies
What is the SA account?
the system administrator
Why would you perform an access review?
To determine if someone's access level is still appropriate.
There is a smart card used by the Department of Defense. What type of card is this?
Common Access Card
You are tweaking the tolerance for unanswered login attacks on your firewall. Which feature are you adjusting?
the flood guard
You want to prevent broadcast loops. Which feature will you use?
You have a trusted operating system that meets a set of requirements for security. Whose requirements are those?