Authentication Methods Quiz
6 Questions
4 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following authentication methods uses a hardware or software token and is based on HMAC-based one-time password algorithm?

  • Smart Cards
  • Federation
  • Directory Services
  • HOTP (correct)
  • Which authentication method uses a physical card and a digital certificate with multiple factors?

  • Push Notification
  • TOTP
  • Smart Cards (correct)
  • Biometric Factors
  • Which authentication method uses biometric factors such as gait analysis and vascular scanners to verify identity?

  • Biometric Factors (correct)
  • Directory Services
  • SMS
  • Static Codes
  • What is the main difference between TOTP and HOTP authentication methods?

    <p>TOTP is time-based and HOTP is HMAC-based</p> Signup and view all the answers

    What is the main disadvantage of using SMS as an authentication factor?

    <p>Phone number reassignment</p> Signup and view all the answers

    What is the main advantage of using smart cards for authentication?

    <p>Multiple factors</p> Signup and view all the answers

    Study Notes

    Authentication Methods: Directory Services, Federation, Attestation, SMS, Push Notification, Authentication Apps, TOTP, HOTP, Phone Call, Static Codes, Smart Cards, Biometric Factors

    • Directory services keep all usernames and passwords in a single database, allowing for a large distributed database that is constantly replicated.
    • Federation provides network access to partners, suppliers, customers, etc. with SSO and allows third parties to establish a trust relationship.
    • Attestation proves the hardware is really yours, with remote attestation providing an operational report to a verification server.
    • SMS can be used as a login factor but has security issues such as phone number reassignment and message interception.
    • Push notification is similar to SMS but with a specialized app, still more secure than SMS but can have vulnerabilities.
    • Authentication apps use pseudo-random token generators for convenience, with software-based token generators available on phones.
    • TOTP is a common OTP method used by Google, Facebook, Microsoft, etc. with a time-based one-time password algorithm and a secret key configured ahead of time.
    • HOTP is a one-time password method using HMAC-based one-time password algorithm and can use hardware or software tokens.
    • Phone calls can provide the token but have similar disadvantages to SMS.
    • Static codes are authentication factors that don't change, such as personal identification numbers or passwords.
    • Smart cards are integrated circuit cards commonly used for credit cards and access control, requiring a physical card and using a digital certificate with multiple factors.
    • Biometric factors include fingerprint, retinal, iris, voice, facial recognition, gait analysis, and vascular scanners, with different acceptance rates such as false acceptance rate, false rejection rate, and crossover error rate.

    Authentication Methods: Directory Services, Federation, Attestation, SMS, Push Notification, Authentication Apps, TOTP, HOTP, Phone Call, Static Codes, Smart Cards, Biometric Factors

    • Directory services keep all usernames and passwords in a single database, allowing for a large distributed database that is constantly replicated.
    • Federation provides network access to partners, suppliers, customers, etc. with SSO and allows third parties to establish a trust relationship.
    • Attestation proves the hardware is really yours, with remote attestation providing an operational report to a verification server.
    • SMS can be used as a login factor but has security issues such as phone number reassignment and message interception.
    • Push notification is similar to SMS but with a specialized app, still more secure than SMS but can have vulnerabilities.
    • Authentication apps use pseudo-random token generators for convenience, with software-based token generators available on phones.
    • TOTP is a common OTP method used by Google, Facebook, Microsoft, etc. with a time-based one-time password algorithm and a secret key configured ahead of time.
    • HOTP is a one-time password method using HMAC-based one-time password algorithm and can use hardware or software tokens.
    • Phone calls can provide the token but have similar disadvantages to SMS.
    • Static codes are authentication factors that don't change, such as personal identification numbers or passwords.
    • Smart cards are integrated circuit cards commonly used for credit cards and access control, requiring a physical card and using a digital certificate with multiple factors.
    • Biometric factors include fingerprint, retinal, iris, voice, facial recognition, gait analysis, and vascular scanners, with different acceptance rates such as false acceptance rate, false rejection rate, and crossover error rate.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge of authentication methods with this quiz! From directory services to biometric factors, this quiz covers a range of authentication methods used for network security. Brush up on your understanding of SMS, push notifications, TOTP, HOTP, phone calls, static codes, smart cards, and various biometric factors. This quiz will challenge your understanding of the pros and cons of each method and help you develop a better understanding of network security.

    More Like This

    Authentication Methods Quiz
    4 questions
    Enterprise Authentication Methods
    28 questions
    Use Quizgecko on...
    Browser
    Browser