Domain 5: Identity and Access Management

Question 1

What has both a public and private key, and is usually issued by a CA in a PKI?

Answer 1

Digital Certificates

Question 2

What is a client to a RADIUS server, and the RADIUS server provides AAA services?

Answer 2

Network Access Server

Question 3

What uses UDP and encrypts the password only and is common in remote access systems?

Answer 3

RADIUS

Question 4

What uses TCP and encrypts the entire session and is common in admin access to network devices?

Answer 4

TACACS+

Question 5

What is based on RADIUS and improves many of the weaknesses of RADIUS, but is not compatible to RADIUS?

Answer 5

Diameter

Question 6

What feature forces on authentication, confidentiality, and integrity using symmetric key encryption but does not include logging capabilities.

Answer 6

Kerberos

Question 7

What are some common Kerberos attacks?

Answer 7

Replay
Pass-the-ticket
Golden ticket
Kerberoasting

Question 8

What is a more granular approach to least privilege and allows temporary elevation of privilege, and is sometimes implemented through ephemeral accounts or a broker and remove access strategy?

Answer 8

Just-in-Time
JIT

Question 9

What does FAR stand for?

Answer 9

False acceptance rate

Question 10

What does FRR stand for?

Answer 10

False rejection rate

Question 11

What are some common single sign on methods/standards?

Answer 11

SAML
SESAME
Kryptoknight
OAuth
OpenID

Question 12

What is an XML-based open-standard data format for exchanging authentication and authorization data between an identity provider and a service provider?

Answer 12

Security Assertion Markup Language
SAML

Question 13

What is an open standard for authorization and is commonly used for user to log into third party sites like Google and Facebook without exposing their password.

Answer 13

OAuth 2.0

Question 14

What is an open standard that provides a decentralized authentication, allowing users to log into multiple unrelated sites with one set of credentials maintained by a third-party.

Answer 14

OpenID

Question 15

What model works where every object has an owner, and the owner can grant or deny access to any other objects?

Answer 15

Discretionary Access Control
DAC

Question 16

What access control model uses roles or groups to assign permissions to multiple users in roles, usually mapped to job roles.

Answer 16

Role Based Access Control
RBAC

Question 17

What access control model applies global rules that apply to all subjects and rules within the model are sometimes referred to as restrictions or filters?

Answer 17

Rule-based Access Control

Question 18

What access control model uses rules that can include multiple attributes and allows it to be much more flexible than a rule-based access control model.

Answer 18

Attribute Based Access Control

Question 19

What access control model uses labels applied to both subjects and objects and is referred to as a lattice-based model?

Answer 19

Mandatory Access Control

Question 20

What are some examples of preventative controls?

Answer 20

Job rotation, data classification, penetration testing, and access control methods

Question 21

What are some examples of detective controls?

Answer 21

Job rotation, mandatory vacations, audit trails, violation reports, honey pots, and incident investigations

Question 22

What are some examples of corrective controls?

Answer 22

Intrusion detective systems, antivirus solutions, alarms, business continuity planning, security policies

Question 23

What type of access control attack uses all dictionary words to find the correct password?

Answer 23

Dictionary Attack

Question 24

What type of attack is attempting to break the password by trying all possible words?

Answer 24

Brute Force Attack

Question 25

What attack implements a fake logon screen, and when a user attempts to login, the logon screen will send the username and password to the hacker?

Answer 25

Spoofed logon Screen

Question 26

What type of attack is where an attacker uses a packet-capturing tool to capture, analyze, and read data sent over a network?

Answer 26

Sniffer Attacks

Question 27

What stops sniffer attacks?

Answer 27

Encrypting data in transit

Question 28

What attack is pretending to be something or someone else, and it is used in many types of attacks?

Answer 28

Spoofing Attacks

Question 29

What is the best defense against social engineering?

Answer 29

Security Awareness Training

Question 30

What attack targets specific groups of users?

Answer 30

Spear Phishing

Question 31

What techniques can prevent access control attacks?

Answer 31

Ensuring passwords are long, complex, and changed periodically
Strong password policy
Enforcing account lockouts, # of logon attempts, etc

Question 32

How to prevent spoofed logon screen attacks?

Answer 32

Secure endpoints

Question 33

What attack allows the electronic emanations that every monitors produces to be read from a distance and is effective on CRT monitors?

Answer 33

Tempest

Question 34

What attack broadcasts false traffic at all times to mask and hide the presence of real emanations?

Answer 34

White Noise