5.2 Authentication and Authorization Technologies

Beschreibung

Integrate advanced authentication and authorization technology to support business objectives.
DJ Perrone
Karteikarten von DJ Perrone, aktualisiert more than 1 year ago
DJ Perrone
Erstellt von DJ Perrone vor etwa 7 Jahre
11
1

Zusammenfassung der Ressource

Frage Antworten
What are two parts of authentication? - Identification - Authentication
In reference to the parts of Authentication, what is identification? When the user provides an identity to an access control system.
In reference to the parts of Authentication, what is authentication? When the control systems validates user credentials.
What are some important elements of account management? - Establish a process for accounts - Review user accounts - Have a process to track access authorization - Rescreen personnel in sensitive positions
What is a standard word password? A single word with a mixture of upper and lower case letters.
What is a combination password? - Also called composition passwords. - Uses a mix of unrelated dictionary words.
What is a static password? - Same for each login. - Minimum security.
What is a complex password? A password that forces users to include a mixture of upper and lower, numbers and special characters.
What is a passphrase password? - Requires a long phrase to be used.
What is a cognitive password? - A piece of information that can be used to verify an indivitual's identity. - User answers a series of questions.
What is a one-time password (OTP's) - Also called a dynamic password. - Only used once to log into the system. - Discarded after one use.
What is a graphical password? - Also called a Completly Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA)
What is characteristic factor authentication? - Type III - Based on something that a person is
What are physiological characteristics? Using a biometric scanning device to measure certain information about a physiological characteristic.
What are behavioral characteristics? A system using a biometric scanning device to measure a person's actions
What are 3 types of behavioral biometric systems? - Signature dynamics - Keystroke dynamics - Voice pattern or print
In reference to behavioral biometric systems, what is signature dynamics? - Measures stroke speed, pen pressure, acceleration and deceleration while user writes signature.
In reference to behavioral biometric systems, what is keystroke dynamics? - Measures typing pattern that a user uses when inputting a password or phrase. - Measures flight and dwell time.
In reference to behavioral biometric systems, what is voice pattern or print dynamics? Measures the sound pattern of a user saying certain words.
What is enrollment time? The process of obtaining a sample used by the biometric system.
What is feature extraction? The approach to obtaining biometric information from a sample.
What is FRR? - False Rejection Rate - Measure of valid users that will be falsely rejected by the system. - Type I error
What is FAR? - False Acceptance Rate - Measurement of the percentage of invalid users falsely accepted by the system. - Type II error
What is CER? - Crossover Error Rate - The point in which the FRR equals FAR
What are 5 of the most effective biometric methods? - Iris scan - Retina scan - Fingerprint - Hand print - Hand geometry
What are 5 of the most popular biometric methods? - Voice pattern - Keystroke pattern - Signature dynamic - Hand geometry - Hand print
What is SSO? - Single Sign On - Login credentials are entered once and can access all network resources.
What is authorization? Granting rights and permissions to resources.
What is an access control model? - A formal description of an organization's security policy
What are some access control models? - Discretionary Access Control (DAC) - Mandatory Access Control (MAC) - Role-based Access Control (RBAC) - Rule-based Access Control - Content-Dependent Access Control - Context-Dependent Access Control
What is DAC? - Discretionary Access Control - Object owner specifies which subjects can access the resource. - Data custodian makes access decisions. - Need to know control
What is MAC? - Mandatory Access Control - Subject authorization is based on security labels. System makes decisions, not data custodian. - More secure, but less flexible and scalable than DAC.
What is RBAC? - Role-based Access Control - Each subject is assigned to one or more roles. - Enforces minimum privileges for subjects.
What is Rule-Based Access Control? - Facilitates frequent changes to data permissions - Security policy is based on global rules for all users. - Access is based on profiles.
What is Content-Dependent Access Control? - Makes access control decisions based on an objects data.
What is Context-Dependent Access Control? - Access is based on subject, attribute or environmental characteristics. - Could be used for time constraint access.
What is an access control matrix? - A table that contains a list of objects, and a list of actions that a subject can take on each object.
What is an access control policy? - Defining the method for identifying and authenticating users and the level of access granted.
What is Default to No Access? If access is not granted, access defaults to no.
What is OAUTH? - Open Authorization - Allows users to share private resources on site to another site without credentials. - Uses tokens to allow restricted access to data when an application requires access.
What is XACML? - Extensible Access Control Markup Language - Access control policy language using XML - Fine grained control of activities
What are 2 components of XACML? - Policy enforcement point (PEP) - Policy decision point (PDP)
In reference to XACML, what is PEP? - Policy Enforcement Point - Protects the resources that the user is attempting to access.
In reference to XACML, what is PDP? - Policy Decision Point - Retrieves all applicable policies in XACML and compares the request with the policies. Then transmits the answer back to PEP.
What is SPML? Service Provisioning Markup Language
What are the 3 components of SPML? - Request Authority (RA) - Provisioning Service Provider (PSP) - Provisioning Service Target (PST)
In reference to SPML, what is RA? - Request Authority - The entity that makes the provisioning request
In reference to SPML, what is PSP? - Provisioning Service Provider - The entity that responds to the RA request.
In reference to SPML, what is PST? - Provisioning Service Target - The entity that performs the provisioning.
What is SAML? Security Assertion Markup Language
What is attestation? Allowing changes to a user's computer to be detected by authorized parties.
What is federation? Identity that is portable and can be used across businesses and domains.
What are two models for federation? - Cross-certification model - Trusted third-party (bridge) model
In reference to federation, what is the cross-certification model? Each organization certifies that every other organization is trusted.
In reference to federation, what is the trusted third-party or bridge model? Each organization subscribes to the standards of a third party. That third party manages verification, certification and due diligence for all organizations.
What is Shibboleth? OSS providing SSO capabilities, allowing sites to make authorization decisions for individual access of resources.
What are 2 components of Shibboleth? - Identity Providers (IP) - Service Providers (SP)
In reference to Shibboleth, what is IP? - Identity Providers - Supply the user information
In reference to Shibboleth, what is SP? - Service Providers - Consume information provided by IP before providing a service.
Zusammenfassung anzeigen Zusammenfassung ausblenden

ähnlicher Inhalt

Area and Circumference of a Circle Quiz
Oliver Balay
Microsoft Exam 70-410: Volume1- Test 1
Alex Quito
Circles Level 1
Oliver Balay
Year6 - Federation Quiz
mrichardsAU
The Australian Court System
Ahmed Almohammed
Federation Revision
Vivi Grace
Campanya Publicitària
Vanessa Núñez Jiménez
Active Directory Architechture
Tyler Lee-Farrell
Active Directory Domain Service
Shantal K Green
Upper Limbs (Clavicle, Scapula, Humerous, Ulna, Radius, Carpals, Metacarpals, Phlanges)
Samuel Bohannon
Authentication & Identity
Liam-Beckwith