Authentication Methods and Security

Questions and Answers

What is a common way someone can impersonate you using a device?

  • By using your social media credentials
  • By accessing your online banking information
  • By guessing your password
  • By finding your unprotected device (correct)

Which of the following scenarios involves 'something you know' for authentication?

  • Using a fingerprint scanner to unlock a device
  • Entering a username and password for an OS (correct)
  • Accessing a secure location using a physical key
  • Using an authentication app for two-factor verification

What does 'something you are' typically refer to in authentication?

  • Biometric identifiers like fingerprints or iris scans (correct)
  • Access tokens issued by a service
  • Behavior patterns of a user
  • Passwords and PINs

In implementing multi-factor authentication, which scenario would use 'something you have'?

  • Using a mobile phone app for verification (A)

What does phishing rely on to successfully capture sensitive user data?

  • Enticing users to provide personal information via malicious links (C)

What could potentially trick an iris scan, as demonstrated in an example?

  • A contact lens mimicking the user's iris pattern (A)

What is an example of an attack that utilizes 'something you know' for unauthorized access?

  • Executing a phishing attack to obtain passwords (D)

In what situation would you primarily need 'something you have'?

  • When logging into corporate servers (A)

What is the purpose of using TLS certificates when navigating websites?

  • To ensure the site’s authentication and user safety (A)

How does biometric spoofing occur in the context described?

  • By using contact lenses that resemble the user’s iris (C)

What is the main vulnerability of ATMs mentioned in the content?

  • They are often insecure due to compromised machines (C)

What is indicated as ineffective against SMTP phishing attacks?

  • Two-factor authentication (B)

What could be a secondary authentication factor to enhance security?

  • Answering a personal security question (C)

Why is introducing a second authentication factor ineffective for insecure ATMs?

  • It does not address the risks associated with the hardware of the ATMs (D)

Which of the following statements is true regarding the effectiveness of two-factor authentication?

  • It can significantly increase the difficulty of conducting certain attacks (D)

What method can prevent attacks on compromised ATMs?

  • Validating all ATMs within the country (B)

What is a requirement for maintaining an active remote RDP session?

  • RDP Automatic Reconnection must be enabled. (B)

What is the risk associated with not disabling the RDP automatic reconnection option?

  • It allows unauthorized access to the unlocked session. (D)

What scenario demonstrates the risk of leaving an RDP session open?

  • A user accessing documents while the connection is active. (D)

What should be done instead of locking a remote desktop session?

  • Disconnect from the session. (D)

In a scenario where a user has disabled RDP automatic reconnection, what happens during a network issue?

  • The authentication cannot be bypassed. (B)

Who is considered the verifier in the RDP remote access process?

  • The remote server itself. (B)

What role does the claimant play in the remote server access process?

  • The user attempting to connect to the server. (C)

What must the claimant introduce to access the remote server remotely?

  • The credentials of the remote server. (A)

Who is the verifier when accessing data on a hard disk?

  • The Operating System (A)

What method can a user employ to authenticate access to data if a passphrase is not used?

  • Biometrics (B)

What is the default lockout time for failed login attempts?

  • 10 minutes (D)

What is a potential security risk of leaving a session locked instead of disconnected?

  • Possibility of a man-in-the-middle attack (A)

What is the default number of allowed mistakes before a password lockout occurs?

  • 3 (B)

What happens to the contact with the remote server when an RDP session is disconnected?

  • It loses contact, preventing bypass of authentication (C)

What factor increases the certainty that a passphrase has not been leaked when accessing a hard disk?

  • Secure storage of the passphrase (C)

What is an advantage of authenticating by something you know?

  • It is convenient as it only requires a username and password. (D)

Which of the following is a disadvantage of using biometric authentication?

  • Sensors may not be accurate or trustworthy. (C)

Why might someone rely on the same password for multiple accounts?

  • They forget their passwords frequently. (D)

What is a major risk associated with physical tokens used for authentication?

  • Losing the token can prevent authentication. (A)

What could happen if a user's fingerprint sensor fails?

  • They may be unable to unlock their device. (C)

What is one potential reason for relaxing the number of login attempts for users?

  • To prevent users from getting frustrated. (C)

Why is it crucial for the root user not to be locked out of the system?

  • A locked root user means no maintenance can be conducted on the system. (A)

What could be a consequence of a default configuration that restricts user logins?

  • Users may have to frequently call IT for assistance. (D)

Which statement best describes the difference between authentication and authorization?

  • Authentication verifies identity, while authorization grants permissions. (A)

What issue might arise from a user unintentionally locking their personal account?

  • The user may be barred from accessing work-related files. (D)

What is one disadvantage of having overly restrictive security measures in a system?

  • The system may become unusable for legitimate users. (C)

How can easier management of user accounts benefit organizations?

  • Less time and effort are spent by IT to resolve issues. (C)

What might happen if a family member tries to log in repeatedly, leading to an account lockout?

  • The user will need to contact IT to unlock the account. (D)

Flashcards

Authentication Methods

Authentication methods rely on something you know, something you are, or something you have.

Something You Know

Using a password or PIN is a common example of "something you know".

Something You Are

Biometric authentication, like fingerprint or facial recognition, falls under "something you are".

Something You Have

A physical token or keycard is an example of "something you have".

Authentication Advantages and Disadvantages

Each authentication method has advantages and disadvantages. Consider convenience, security, and potential risks.

Iris Spoofing

A type of biometric spoofing attack where the attacker creates a fake iris replica, attempting to authenticate an unattended device using the stolen biometric data.

ATM Card Skimming

An attack targeting ATMs where the attacker installs skimming devices to steal card information.

TLS Certificate Authentication

A security measure where websites verify their authenticity through a digital certificate, ensuring secure communication with the user's browser.

Phishing Attack

An attack where a user clicks on a malicious link in an email, leading to a fake website requesting sensitive information.

Two-Factor Authentication

A security method that requires users to provide two or more independent authentication factors (e.g., password and fingerprint) for accessing an account or device.

ATM Hardware Verification

A security measure designed to prevent unauthorized access to ATMs by verifying the authenticity and functionality of the ATM hardware.

Phishing Attack (Something You Know)

The attacker tricks the user into giving away personal data by pretending to be someone they are not, like a trusted organization.

Malicious Software (Something You Know)

A malicious software program is installed on the user's device when they click on a link in a phishing email. This software can record sensitive data.

Biometric Vulnerability (Something You Are)

The iris scan on Samsung Galaxy S8 was fooled by a simple contact lens, showing that biometric authentication can be vulnerable to trickery.

Physical Token (Something You Have)

A physical token that is used to access a system, like an employee badge or a hardware key.

Multi-Factor Authentication (Something You Have)

When accessing high-security systems, a physical token can be combined with another authentication method for extra protection, like a PIN code.

Lost or Found Devices (Something You Have)

Attackers can exploit the vulnerability of devices being found by someone who can then impersonate the user.

Biometric Authentication Vulnerability

Authentication methods like fingerprints or facial recognition can be vulnerable to spoofing or hacking attempts.

SIM Card Swap Attack (Something You Have)

An attacker can use a phone with a stolen SIM card to gain access to user accounts associated with the SIM, by impersonating the user.

RDP Automatic Reconnection Vulnerability

A security flaw in the RDP protocol where an attacker can gain access to a locked session if automatic reconnection is enabled.

RDP Automatic Reconnection

When enabled, RDP automatically reconnects to a remote session after a network interruption.

Disabling RDP Automatic Reconnection

Disabling automatic reconnection helps prevent attackers from exploiting the RDP vulnerability.

RDP Authentication

A method of verifying the identity of a user or system attempting to access a resource. In RDP, this involves entering the username and password of the remote server.

Claimant (RDP)

A person or entity who wants to access a resource and has a claim of authorization.

Verifier (RDP)

The entity that verifies the identity of the claimant and determines whether to grant access.

Claim (RDP)

The statement made by the claimant, claiming authorization to access the resource.

Convincing (RDP)

The process of confirming the claim made by the claimant, by establishing their identity and validating their credentials.

RDP Client Verification Process

The process of verifying a request to access a resource, in this case, the RDP client. The verifier analyzes the provided credentials and determines whether they align with the legitimate owner.

RDP Client Access Claimant

The entity attempting to gain access to the RDP client. This could be an individual or an automated process.

RDP Client Verification Evidence

The proof provided by the claimant to ensure their identity and legitimacy. In RDP, this is usually a username and password.

RDP Client Authentication Method

The action taken by the verifier to assess the provided credentials. This could be a simple check against a database or a more complex authentication procedure.

Disconnecting RDP Session

The action of disconnecting an active RDP session, effectively ending the remote connection. This can be a security mitigation tactic against unauthorized or compromised sessions.

Man-in-the-Middle (MITM) Attack on RDP

A type of attack where an attacker intercepts communication between an RDP client and server. They can attempt to steal credentials or gain unauthorized access.

Hard Disk Data Access Verification

The operating system acts as the gatekeeper for accessing data on the hard drive. It verifies user authentication to ensure data security.

Hard Disk Data Access Claim

The user's claim to be the rightful owner of the data on the hard disk or to have authorization for access. This is determined through authentication.

Authentication

The process of verifying a user's identity, proving they are who they claim to be.

Authorization

The act of granting permission for a user to perform specific actions within a system.

Login Attempt Limits

A security measure to prevent brute-force attacks by limiting the number of login attempts allowed within a short period.

Root User Exception

A configuration where login limits are relaxed for root users, allowing them to access the system even after multiple failed attempts.

Unusable System Due to Security

A situation where excessive security measures make a system difficult or inconvenient to use.

Productivity Loss Due to Account Lockouts

A problem arises when users frequently need to contact IT to unlock their accounts and this impacts productivity.

Advantages of User Account Management

Easier user account management benefits IT departments and allows users to access their personal settings from work.

Authentication vs. Authorization

The difference between authentication and authorization is that authorization can be granted even if an attacker previously managed to authenticate successfully.

Study Notes

Authentication Methods

  • Authentication methods involve verifying a user's identity.
  • Three common methods include: something you know (passwords), something you are (biometrics), and something you have (tokens).

Advantages and Disadvantages

  • Something you know:

    • Advantage: Convenient, immediate login.
    • Disadvantage: Forgetting passwords, susceptibility to phishing.
  • Something you are:

    • Advantage: No need to remember passwords, generally secure.
    • Disadvantage: Sensor/camera errors, physical limitations (e.g., injury).
  • Something you have:

    • Advantage: Secure against password guessing, phishing.
    • Disadvantage: Device loss or compromise.

Authentication in Operating Systems

  • Password entry during OS login.
  • Using authentication during system updates.
  • Enabling authentication when using apps from outside the OS store.
  • Accessing sensitive accounts or administrative controls via secure authentication (e.g., multi-factor authentication).

Attacks on Authentication Methods

  • Something you know: Phishing (tricking a user into revealing credentials).
  • Something you are: Biometric spoofing (e.g., using a contact lens to mimic eye recognition).
  • Something you have: Cloning devices for ATM/security access.

Two-Factor Authentication

  • Protects against many of the attacks on the other methods.
  • Helpful second-factor methods (e.g., passcodes, security tokens) protect against those attacks.

Description

This quiz explores different authentication methods used to verify user identities, including their advantages and disadvantages. It covers three main types: something you know, something you are, and something you have. Additionally, it discusses the role of authentication in operating systems and application security.
