Acronym
This provides identification and authentication but doesn't provide authorization.
Bonus: AAA
What is SSO - Single Sign On
What is Authentication, Authorization and Accounting?
Members of a Power Plant need shared access to a school system.
A____ identity link's a users credentials from different networks or OS but ____ treats it as one identity.
What is Federated?
What is Federation?
4 Main Account Types
What are:
End User Account
Privileged Account
Guest Account
Service Account
1. adminstrator creates role
2. administrator assigns rights and permission to role
3. adminstrator assigns a user to a role
What is Role - Based Access Control?
Assigned rights and permissions to a group then add users to group specifies user administrative.
Bonus: an administrator creates a role, and then assigns specific rights and permissions to the role (not the user)
What is Group Based Privilege?
Bonus: What are Role Based Privileges?
Point where the ____ crosses over with the ____ creating a _____ the biometric system is more accurate.
What is FRR?
What is FAR?
What is CER?
1. Cheapflights.com allows the user to sign in the website using Facebook login and gives the user a more customized experience.
2. Using Paypal to pay for an item purchased on a GetDogFood.com
1. What is OpenID?
2. What is OAuth?
Homer trusts Moe
Moe trusts Jane
Home trusts Jane
Bonus: Rights and permissions assigned to an authorized user
What is transitive trust?
Bonus: What are Privileges?
1. adds users to sales group
2. add sales group to sales folder
3. assign permissions to sales group for that folder.
What is Group Based Privilege?
Any characteristic of a user, the environment or the resource
Bonus: SDN's use this model.
What are attributes?
What is Attributes Based Access Control?
Provides security by allowing users and administrators to restrict access to files and folders with permission (2 part)
What is NTFS - New Technology File System?
Provides mutual authentication that can help prevent man in the middle attacks and use tickets to help prevent replay attacks
What are Kerberos?
1. Individuals are granted only the data and information needed to perform which is usually protected by permissions.
2. Individuals are granted only the rights and permissions needed to perform
1. What is Need to Know?
2. What is Least Privilege?
Bart: Full Control
Jane: Read
John: Modify
What is a DACL - Discretionary Access Control List?
defines the traffic that the devices allow into the network, such as HTTP traffic for web browsers.
Routers and firewalls use this within ACL's
What are Rule Based Access Controls?
NTLM
Three Versions of NTLM
What is New Technology LAN MAnager?
What is NTLM, NTLMv2, NTLM2
Password
Smart Cards
Retina Scan
Geolocation
Gestures on Touch Screen
What is:
something you know
something you have
something you are
somewhere you are
something you do
Once a company grants authorization, a SSO can be used to exchange authenticated and authorized information between parties using...
What is SAML - Security Assertion Markup Language
done using scripts to automate the process
provides a list of inactive accounts
scripts provide additional check to ensure inactive accounts are disabled.
What is Account Maintenance?
Objects has a owner that establishes access for the objects.
Bonus: provides security by allowing users and administrators to restrict access to files and folders with permissions.
What is Discretionary Access Control - DAC
Bonus: What is New Technology File System - NTFS
Confidentiality technical control.. this is used to identify objects in query strings with codes. Can also encrypt transmissions with TLS
Bonus: TLS
What is Lightweight Directory Access Portal?
Bonus: What is Transport Layer Security?
Open source making it easier for developers to expand its usefulness
What is Shibboleth?
Collection of information that provides an identity (username) and proves that identity (password)
Bonus: Identify a set of IP address that are accepted (hint: used in Location Based Policies)
What are Credentials?
Bonus: What is Whitelisting?
A ___ system has a lot of flexibility and enforce both a DAC and MAC models.
What is a ABAC- Attribute Based Access Control?
Divided access into separate compartments based on a need to know.
Bonus: Uses label to determine access
What is Lattice?