Authentication Station
A numerical code used with security devices, known only to the user.
What is a personal identification number (PIN)?
Rules that manage user security settings, like password expiration.
What are account policies?
A portable device used for multifactor authentication, often connecting via USB or NFC.
What is a security key?
A basic principle of security that assigns the minimum necessary access rights.
What is least privilege?
A protocol for accessing network directory databases.
What is Lightweight Directory Access Protocol (LDAP)?
A process that enables shared login across multiple systems.
What is federation?
A tool that helps generate and store complex passwords for various sites and apps.
What is a password manager?
Settings that determine who can access certain files or network resources.
What are permissions?
A temporary code sent to a registered device or email for two-step verification.
What is a soft authentication token?
The process of setting up an account or application in a production environment.
What is provisioning?
A unique identifier for a resource within a directory.
What is a distinguished name (DN)?
The service in a federated network that holds user accounts and performs authentication.
What is an identity provider (IdP)?
Guidelines for creating and maintaining secure passwords.
What are password best practices?
A collection of user accounts that simplifies setting permissions for multiple users.
What is a group account?
A security method that uses physical and ownership factors, but not passwords.
What is passwordless?
The process of removing an account or application from a production environment.
What is deprovisioning?
A service that stores identity information for network objects like users and printers.
What is a directory service?
An XML-based format for exchanging authentication information.
What is Security Assertion Markup Language (SAML)?
A temporary password valid for only one session.
What is a one-time password (OTP)?
An access control model where the resource owner manages who can access it.
What is Discretionary Access Control (DAC)?
A card-like device that stores authentication information on an embedded chip.
What are smart cards?
A unique value assigned to an account by Windows for identification.
What is a security identifier (SID)?
A technology that allows a user to log in once and access multiple services.
What is single sign-on (SSO)?
An XML-based protocol for exchanging messages in web services.
What is Simple Object Access Protocol (SOAP)?
A security method requiring multiple types of credentials, such as something you know and something you have.
What is multifactor authentication (MFA)?
An access control method that uses various attributes to decide if access should be granted.
What is Attribute-Based Access Control (ABAC)?
The ability of a security device to prove it is trustworthy.
What is attestation?
Policies that restrict user access based on the time of day.
What are time-of-day restrictions?
A single sign-on system that uses time-sensitive tickets for authentication.
What is Kerberos?
A stateless architectural style used by web applications for communication.
What is Representational State Transfer (REST)?
A security token created by a dedicated hardware device, used in multifactor authentication.
What is a hard authentication token?
An access control model where permissions are based on job roles and managed by administrators.
What is Role-Based Access Control (RBAC)?
A metric that measures how often valid users are incorrectly denied access.
What is the False Rejection Rate (FRR)?
Settings deployed on a Windows domain to manage user and computer configurations.
What are group policy objects (GPOs)?
A component of Kerberos that issues authentication tickets.
What is a key distribution center (KDC)?
A standard for identity management that allows resource servers to work with accounts from a separate provider.
What is Open Authorization (OAuth)?
A method of verifying identity using physical traits like fingerprints or facial patterns.
What is biometric authentication?
An access control model with strict, system-defined rules for resource access.
What is Mandatory Access Control (MAC)?
A metric that measures how often unauthorized users are incorrectly granted access.
What is the False Acceptance Rate (FAR)?
Management of accounts and credentials with administrative permissions.
What is Privileged Access Management (PAM)?
A token in Kerberos that allows access to application servers.
What is a Ticket Granting Ticket (TGT)?
A file format that uses attribute-value pairs for configuration.
What is JavaScript Object Notation (JSON)?