Term
AAA is made up of three distinct but interdependent parts:
|
|
Definition
- access control
- authentication
- auditing
|
|
|
Term
____ consists of the rules for controlling the methods and conditions of access to your system. |
|
Definition
|
|
Term
____ defines the methods for setting the rules for establishing the methods of authentication of the service or user requesting access to the system or resources. |
|
Definition
|
|
Term
____ contains the suggestions and procedures for monitoring access and authentication processes in your systems, and secures the log files and records of these efforts. |
|
Definition
|
|
Term
The system administrator is responsible for access privileges in the ____ access control model |
|
Definition
MAC (Mandatory Access Control) |
|
|
Term
The ___ model has a level of access that is defined and hard-coded in the OS or application, and not easily changed |
|
Definition
MAC (Mandatory Access Control) |
|
|
Term
In the ___ users cannot share resources dynamically |
|
Definition
Mandatory Access Control (MAC) |
|
|
Term
The MAC model uses ___ to identify the users who have permissions to a resource |
|
Definition
predefined access privileges |
|
|
Term
The MAC model is a ___ model and as a result it can be very ___. |
|
Definition
|
|
Term
In the MAC model, all objects are given security labels known as ___ and are classified accordingly. Then all users are given specific ____ as to what they are allowed to access. |
|
Definition
sensitivity labels; security clearances |
|
|
Term
____ best describes a MAC model. |
|
Definition
|
|
Term
Only the owner of the resource is responsible for access privileges in the _____ access control model |
|
Definition
DAC (Discretionary Access Control) |
|
|
Term
The DAC model uses ___ to map a user's access permissions to a resource. |
|
Definition
Access Control Lists (ACLs) |
|
|
Term
Access control lists provide the most ____ to protected objects |
|
Definition
|
|
Term
The ____ model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for ____ |
|
Definition
DAC (Discretionary Access Control); Trojan horse attacks |
|
|
Term
Access control using the ___ model is based on the role or responsibilities users have in the organization to determine access permissions. |
|
Definition
RBAC (Role Based Access Control) |
|
|
Term
The RBAC access control model uses ____ to identify the users who have permissions to a resource |
|
Definition
the role or responsibilities users have in the organization |
|
|
Term
What type of authentication is depicted below: The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The KDC authenticates the network. Principals can be users, programs, or systems. The KDC provides a ticket to the network. Once this ticket is issued, it can be used to authenticate against other principals. This occurs automatically when a request or service is performed by another network.
|
|
Definition
|
|
Term
Which authentication method uses the following sequence: Logon request encrypts value response server challenge compare encrypts results authorize or fail
|
|
Definition
CHAP (Challenge Handshake Authentication Protocol) |
|
|
Term
What type of authentication is depicted below: The initiator sends a logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server. The server compares the value from the client and if the information matches, the server grants authorization. If the response fails, the session fails and the request phase starts over
|
|
Definition
CHAP (Challenge Handshake Authentication Protocol) |
|
|
Term
The CHAP authentication method does not use username and password combinations but uses a _____ which is stored locally in ____. |
|
Definition
|
|
Term
The CHAP authentication method is commonly used to ______ |
|
Definition
|
|
Term
The CHAP authentication performs the handshake process when ___ a connection; and then at ___ during the transaction session. |
|
Definition
first establishing; random intervals |
|
|
Term
What type of authentication is depicted below: A certificate being handed from the server to the client once authentication has been established. If you have a pass, you can wander throughout the network. BUT limited access is allowed.
|
|
Definition
|
|
Term
What is the first thing a computer system requires from a user for correct authentication? |
|
Definition
|
|
Term
____ can be intercepted and are the least secure form of authentication. |
|
Definition
|
|
Term
What type of authentication is depicted below: If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed
|
|
Definition
|
|
Term
What type of authentication is depicted below: verifying and validating the authenticity of an identity using more than one validation mechanism. |
|
Definition
|
|
Term
What type of authentication is depicted below: refers to two parties authenticating each other suitably. In technology terms, it refers to a client or user authenticating themselves to a server and that server authenticating itself to the user in such a way that both parties are assured of the other's identity. |
|
Definition
Mutual: (two-way authentication) |
|
|
Term
What authentication type uses physical characteristics to identify the user and makes use of hand scanners, fingerprints, retinal scanners or DNA structure to identify the user? |
|
Definition
|
|
Term
____ are the strongest (and the costliest) form of authentication |
|
Definition
|
|
Term
____ uses username and password combinations but transmits the username and password in clear text. |
|
Definition
Password Authentication Protocol (PAP) |
|
|
Term
___ does not use username and password combinations but uses a Shared Secret which is stored locally in clear text. |
|
Definition
Challenge Handshake Authentication Protocol (CHAP) |
|
|
Term
___ is an authentication and accounting service that uses username and password combinations but transmits the username and password in encrypted form. |
|
Definition
Remote Authentication Dial-In User Service (RADIUS) |
|
|
Term
____ does not use username and password combinations but uses a Shared Secret which is stored locally in encrypted form. |
|
Definition
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) |
|
|
Term
___ is capable of mutual authentication of both the client and the server. |
|
Definition
|
|
Term
A ___ is a type of badge or card that can allow access to multiple resources including buildings, parking lots, and computers. |
|
Definition
|
|