Key Terms
Access Control Models
Access Control
RADIUS/TACACS+
Misc.
100
_______ accounts are user accounts that remain active after an employee has left the organization.
What is Orphaned?
100
This Access Control model is the least restrictive.
What is DAC?
100
A(n) _____ model is a standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications.
What is Access Control?
100
This is suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network.
What is RADIUS?
100
_______ requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals.
What is Separation of duties?
200
A user accessing a computer system must present credentials or ________ when logging on to the system.
What is Identification?
200
This Access Control model is often used for managing user access to one or more systems.
What is Rule Based Access Control?
200
Providing only the minimum amount of access necessary to perform a job or function is called?
What is Least privilege?
200
A RADIUS authentication server requires that the ________ be authenticated first.
What is Supplicant?
200
This indicates when an account is no longer active.
What is Account expiration?
300
The action that is taken by the subject over the object is called a(n) ____________.
What is Operation?
300
The most restrictive access control model is?
What is Mandatory Access Control?
300
This protocol for a client application allows access to an X.500 directory.
What is LDAP (Lightweight Directory Access Protocol)?
300
During RADIUS authentication, the access point, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called?
What is Authentication request?
300
This authentication system was developed by M.I.T. and is used to verify the identity of networked users.
What is Kerberos?
400
A user or a process functioning on behalf of the user that attempts to access an object is known as the __________.
What is Subject?
400
Considered a more real world access control, based on a user's job function within the organization.
What is Role Based Access Control?
400
Name 3 technologies that can be used for implementing Access Control?
What is Access control lists, group policy and account restrictions?
400
Developed by Cisco Systems, this authentication service is commonly used on UNIX devices.
What is TACACS - Terminal Access Control Access Control System?
400
A set of permissions that are attached to an object.
What is ACL?
500
What are the 4 basic steps in Access Control?
What is Identification, Authentication, Authorization and Access?
500
Name the 3 roles in Access Control and give an explanation of each.
What is Owner, Custodian or Administrator and End User? Owner - person responsible for the information. Administrator - individual to whom day-to-day actions are assigned by the owner. End user - accesses the information in the course of their routine duties.
500
What are 3 recommendations in dealing with orphaned and dormant accounts?
What is Establish a formal process to deal with them. Terminate access immediately. Monitor logs.
500
Give the difference in features between RADIUS and TACACS+. (Transport protocol, Authentication and authorization, Communication, Interaction with Kerberos and How it authenticates network devices)
What is Transport protocol: RADIUS - UDP and TACACS+ - TCP; Authentication and authorization: RADIUS - Combined and TACACS+ - Separated; Communication: RADIUS - Unencrypted and TACACS+ - Encrypted; Interacts with Kerberos: RADIUS - No and TACACS+ - Yes; Can authenticate network devices: RADIUS - No and TACACS+ - Yes?
500
Give the 5 best practices for Access Controls.
What is Separation of duties, Job Rotation, Least Privilege, Implicit Deny, and Mandatory Vacations?