Domain 4 Identity and Access Management
Help!
|
|
||||
|---|---|---|---|---|---|
| Authentication Factors | Something you are, something you have, something you know, somewhere you are, something you do
🗑
|
||||
| Physical Access Controls | biometrics, fingerprints, iris scans
🗑
|
||||
| Identification | presenting credentials or keys
🗑
|
||||
| TOTP | algorithm that relies on shared secret and moving factor or counter (Time-based One Time Password)
🗑
|
||||
| HOTP | algorithm specifies an event-based OTP algorithm, where the moving factor is an event counter. The present work bases the moving factor on a time value. A time-based variant of the OTP algorithm provides short-lived OTP values
🗑
|
||||
| Username & Password | most common form of authentication
🗑
|
||||
| Password Lockout | prevents brute-force attacks
🗑
|
||||
| Federation System | accounts in one area can be granted access rights to any other resource, whether local or remote within the domains
🗑
|
||||
| Radius | provides authentication and authorization functions in addition to network access accounting functions - does not provide access control
🗑
|
||||
| KERBEROS | supports mutual authentication, protecting against man-in-the-middle attacks
🗑
|
||||
| PAP | Password Authentication Protocol - weak authentication - strongly discouraged
🗑
|
||||
| OAUTH | provides authorization services, does not provide authentication such as Open ID and SAML
🗑
|
||||
| SAML - Security Assertion Markup Language | an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
🗑
|
||||
| IdP | source of username and password authenticates. SP provides service to user
🗑
|
||||
| Access Controls | these include MAC, DAC, ABAC, RBAC
🗑
|
||||
| CAC & PIV Cards | provide smar card functions for identity and authentication
🗑
|
||||
| Disabled, not deleted | employees that leave should have their accounts _______________
🗑
|
||||
| True | T/F Generic accounts used by multiple users should be prohibited - IE "Managers"
🗑
|
||||
| Role Based or Role/Group Based | logical controls managing users
🗑
|
||||
| TLS Technology using port 636 | LDAP traffic can be made confidential and secure through:
🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
Pillsburycreative
Popular Standardized Tests sets