Access Control and Identity Management
___ sends the username and password to the authentication server in plain text
PAP (Password Authentication Protocol)
-weakest form of authentication
___ encrypts the username and password
SPAP (Shiva Password Authentication Protocol)
___ is an algorithm that uses a time-based factor to create unique passwords
TOTP (Time-Based One-Time Password)
_____ is based on using an HMAC algorithm
HOTP (HMAC-Based One-Time Password)
___ provides access to all authorized resources with a single instance of authentication
____ is an authentication protocol, from MIT, that allows for single sign-on to a distributed network.
Hint: Port 88
: ticket granting and SSO
The weaknesses of Kerberos are:
KDC is a SPOF
KDC must be able to handle lots of requests in a timely manner
____ provides a challenge-response authentication replacement for the older LANMAN protocol
NTLM (New Technology LANMAN)
What are two examples of something you know?
Password or PIN
List three examples of something you have.
Smart Card, Token, and Device
Two examples of something you are.
Fingerprints or retinal pattern
Three examples of Biometrics:
Fingerprints, Iris, Retina, Face, Hand, Voice, and Signature
two or more factors of authentication
How many versions of NTLM are there?
Two (Version 1 uses DES for enciphering, and Version 2 uses MD5 for enciphering)
What port does LDAP use over TLS/SSL?
What are the two common Directory Services?
Microsoft's Active Directory and Novell's eDirectory
What do Directory Services do?
allows centralized security management
provides a logical means of organizing resources
uses ACLs to control access to resources
uses X.500 standard
____, ____, and _____ are the three ways to authenticate to LDAP
Anonymous, Simple, and Simple Authentication and Security Layer (SASL)
What are the LDAP Vulnerabilities?
Compromise of username/password
Improper directory security settings
____ All access is predefined
Mandatory Access Control (MAC)
____ Allows the user's role to dictate access
Role-Based Access Control (RBAC)
____ Limits the user to settings in preconfigured policies
Rule-Based Access Control
___ Incorporates some flexibility
Discretionary Access Control (DAC)