Card Set Information

2015-07-08 14:11:08
Access Control and Identity Management
Access Control
Show Answers:

  1. ___ sends the username and password to the authentication server in plain text
    • PAP (Password Authentication Protocol)
    • -weakest form of authentication
  2. ___ encrypts the username and password
    SPAP(Shiva Password Authentication Protocol)
  3. ___ is an Algorithm that uses a time-based fact to create unique passwords
    TOTP(Time-Based One-Time Password)
  4. _____is based on using a HMAC algorithm
    HOTP(HMAC-Based One-Time Password
  5. ___provides acces to all authorized resources with a single instance of authentication
    SSO(Single Sign-On)
  6. ____is an authentication protocol, MIT, allows for a single sign-on to a distributed network.

    Hint: Port 88
    • Kerberos
    • key notes: ticket granting and SSO
  7. The weakness of Kerberos are:
    • KDC is a spof
    • KDC must be able to handle lots of requests in a timely manner
  8. ____ provides challenge-response authentication replacement for older LANMAN protocol
    NTLM(New Technology LANMAN
  9. What are two example of Something you know?
    Password or pin
  10. List three example of something you have.
    Smart Card, Token, and Device
  11. Two examples of something you are.
    Fingerprints or retinal pattern
  12. Three examples of Biometrics:
    Fingerprints, Iris, Retina, Face, Hand, Voice, and Signature
  13. Describe Multi-factor
    two or more factors of authentication
  14. How many versions of NTLM are there?
    Two (Version 1 Uses DES for enciphering, and Version 2 Uses MD5 for enciphering
  15. What port does LDAP use over TLS/SSL?
    Port 636
  16. What are the two common Directory Services?
    Microsoft's Active Directory and Novell's eDirectory
  17. Directory Services do what
    • allows centralized security management¬†
    • provides a logical means of organizing resources
    • uses ACL's to control access to resources
    • uses X.500 standard
  18. ____,____, and _____ are the three ways to authenticate to LDAP
    Anonymous, Simple, and Simple Authentication and Security Layer (SASL)
  19. What are the LDAP Vulnerabilities?
    • Compromise of username/password
    • Improper directory security settings
    • Man-in-the-middle
  20. ____ All access is predefined
    Mandatory Access Control (MAC)
  21. ____Allows the user's role to dictate access
    Role-Based Access Control (RBAC)
  22. ____Limits the user to settings in preconfigured policies
    Rule-Based Access Control
  23. ___Incorporates some flexibility
    Discretionary Access Control (DAC)