Identity Management Basics Quiz
42 Questions

Questions and Answers

What is the primary purpose of identity management?

  • To analyze social engineering tactics
  • To actively administer access privileges to users and resources (correct)
  • To manage malware threats within a network
  • To monitor physical security measures

Which of the following is NOT part of the IAAA process?

  • Authentication
  • Accounting
  • Authorization
  • Application Management (correct)

What is a key factor in ensuring scalable identity management?

  • Utilizing social engineering tactics
  • Regularly changing authentication factors
  • Cracking passwords efficiently
  • Federated identities (correct)

What is the function of password managers in identity management?

    To securely store and manage user passwords

    Which module addresses the concept of personally identifiable information?

    Mod 7: Identity Management

    What does the concept of 'directory services' relate to in identity management?

    The management of enterprise-wide user credentials

    Which of these is a factor used for authentication?

    Usernames

    What is the purpose of password policies in identity management?

    To set standards for password complexity and management

    What does AAA stand for in the context of network device access?

    Authentication, Authorization, and Accounting

    Which of the following is NOT recommended when implementing remote administration for network devices?

    Allowing access from any IP address

    What should be disabled on edge devices due to security concerns?

    Link Layer Discovery Protocol (LLDP)

    What is the primary reason for limiting remote administration access to network devices?

    To prevent unauthorized exploitation

    Which protocol is similar in configuration and verification to LLDP?

    Cisco Discovery Protocol (CDP)

    In the context of network management, what should be prioritized when configuring AAA?

    Granular access controls

    What aspect of network security does limiting physical access relate to?

    Preventing physical tampering and breaches

    What is a common oversight organizations make regarding telecom closets?

    Neglecting physical security measures

    What method is suggested to ensure secure physical access to IT resources?

    Access cards and a 2-man rule

    Which protocol should be limited during remote administration to enhance security?

    Simple Network Management Protocol (SNMP)

    What can the compromise of a single device lead to in a network?

    Disruption of a significant portion of the network

    What is one of the primary functions of implementing AAA in network security?

    To control and log user access

    What should be avoided in administrative access configurations?

    Implementing broad user permissions

    What method does a brute force attack utilize to crack passwords?

    It tests every password possibility within defined parameters.

    What is the primary function of rainbow tables in password cracking?

    To compare stored hashes against a target system's hash.

    What is a key feature of dictionary attacks?

    They use a list of predefined words as passwords.

    Which statement about rainbow tables is incorrect?

    They can be used to generate new passwords.

    What accelerates the process of brute force attacks?

    Employing GPUs for accelerated processing.

    What is the purpose of authentication in information security?

    To verify user identity

    Which of the following items is considered personally identifiable information?

    Social security numbers

    What does the term 'something you have' refer to in the context of authentication?

    A physical token or device

    Which of the following best describes 'something you know' in authentication?

    A password or PIN

    What is the primary difference between authentication and authorization?

    Authentication is about validating user identity, while authorization grants access levels.

    Which factor can help strengthen the security of an authentication process?

    Implementing a two-factor authentication system

    What is meant by 'accountability' in the context of information security?

    Tracking user actions and access patterns

    Which one of the following is an example of a knowledge factor used in authentication?

    Password

    What is the primary purpose of AAA in relation to network devices?

    To enforce change control processes and log access

    Which of the following protocols does 802.1X use for access control?

    RADIUS, DIAMETER, and TACACS+

    What is a recommended action to mitigate the security risks associated with SNMP?

    Harden devices that have SNMP enabled and create ACLs

    At which layer of the OSI model does 802.1X operate?

    Data link layer

    Why is SNMP considered a potential security hole?

    It is often enabled by default on many devices

    What does the acronym AAA stand for in network security?

    Access, Accounting, Authorization

    What action should be taken regarding SNMP on devices that are not being monitored?

    Disable SNMP to reduce security risks

    Which user has the highest access level according to the provided access levels?

    User 1 with access level 15

    Study Notes

    Cybersecurity Foundations Session 4

    • Cybersecurity Awareness module (Mod 1)
    • Trends in Cybersecurity (Mod 16)
    • Legal Considerations (Mod 15)
    • Incident Response (Mod 14)
    • Physical Security (Mod 13)
    • Network Discovery (Mod 2)
    • Systems Hardening (Mod 3)
    • Security Architecture (Mod 4)
    • Data Security (Mod 5)
    • Public Key Infrastructure (Mod 6)
    • Identity Management (Mod 7)
    • Network Hardening (Mod 8)
    • Malware (Mod 9)
    • Social Engineering (Mod 10)
    • Software Security (Mod 11)
    • Environment Monitoring (Mod 12)

    Identity Management

    • Actively administers subjects, objects, and access privileges
    • Ensures identities receive appropriate access to resources
    • Ensures systems remain scalable in granting access to resources

    IAAA Process

    • Identification
    • Authentication
    • Uniqueness
    • Verification
    • Authorization
    • Validation
    • Accountability
    • Tracking

    Personally Identifiable Information (PII)

    • Any data used to identify a subject
    • Items at risk: Social security number, mother's maiden name, birthdate, billing addresses, email addresses, account numbers, passwords, system information, company/government data

    Authentication Factors

    • Access control using multiple factors
    • Something you know (e.g., password, passphrase, PIN)
    • Something you have (e.g., smart card, certificate, token, USB key, virtual cards, TAN)
    • Something you are (e.g., biometric devices like fingerprint reader, hand geometry, retina scanner, facial recognition, iris recognition, signature analysis)

    Directory Services

    • Special databases holding usernames and passwords
    • Scalable hierarchy (trees, OUs)
    • Rely on common standards (X.500, LDAP)
    • Hold different partitions

    Kerberos

    • Primary authentication service for directories
    • Allows users, services, or computers to centrally authenticate
    • Involves three components: Authentication Service (AS), Key distribution center (KDC), Ticket-granting server (TGS)

    Windows NT LAN Manager (NTLM)

    • Protocol for client/server authentication in Windows networks
    • Involves a challenge-response system

    Password Policies

    • Define how secrets are generated
    • Parameters include minimum character number, password complexity, maximum password age, password history, and reversible encryption capability
    • A strong password is difficult for systems to compute, but easy for humans to remember

    Dictionary Attacks

    • Use predefined words as passwords to attempt login
    • Method for cracking passwords

    Rainbow Tables

    • Store hashes of possible passwords
    • Compare hashes in a table against the hash stored in a system's security database to find matches
    • No mathematical operations performed
    • Requires the hash of the target system

    Brute Force Attacks

    • Relies on all possible password combinations
    • Defined ranges of parameters for password cracking
    • Tests every possibility within the defined parameters
    • Often uses GPUs for accelerated cracking

    Password Assessment Tools

    • Tools for assessing password security
    • Examples: Cain and Abel, L0phtCrack, Ophcrack, CrackStation.net, John the Ripper

    Password Managers

    • Centralized authentication systems
    • Improve security by requiring extra login steps
    • Allow password resets
    • Manage services that can use specific credentials
    • Store personal passwords on the local system
    • Password consolidation, Security questions, Password reset, Permitted services

    Same Sign-on

    • Password synchronization between independent systems
    • Replicates login credentials from one system to another
    • Systems stay independent and share little information
    • Not a trust relationship; does not belong to the same directory structure

    Group Accounts

    • Enable multiple users to authenticate
    • Should not be used

    Service Accounts

    • Local or directory accounts used to run different roles or services
    • Presented to the system as a subject
    • Examples: SQL Server, backup solution, websites

    Federated Identities

    • A single sign-on method: one account is used for multiple services
    • The user authenticates to a system, obtains a token, and presents the token to a third-party system; the third-party system validates the token and grants access if the token is valid

    Identity as a Service (IDaaS)

    • Credentials are stored in the cloud and used for cloud services
    • Can be considered single sign-on

    Limiting Remote Admin Access

    • Exploiting a network device with remote access can impact the network
    • Implement AAA for administrative, engineering, and root access
    • Limit protocols for remote administration
    • Limit locations from where remote administration can be done

    AAA: Administrative Access

    • Leverage AAA to control access to network devices
    • Apply granular authorization control and log access, commands, and changes
    • Enforce change control process

    AAA for Accessing Network Devices

    • 802.1X forces all access to go through AAA
    • Operates at the logical link control sub-layer of OSI layer 2
    • 802.1X uses RADIUS, DIAMETER, and TACACS+ for access control

    SNMP (Simple Network Management Protocol)

    • Enables management of network devices
    • Use access control lists (ACLs) to limit SNMP traffic from unwanted sources
    • On devices that are being managed and monitored, change default community strings

    Network Segmentation

    • Dividing a network into smaller subnetworks (VLANs)
    • Isolates resources and limits potential impact from one device's compromise to a network
    • Use firewalls, routers, DMZ, and subnets

    Rules on Routers and Firewalls

    • ACLs are primarily lists of permit/allow statements
    • By default, ACLs are configured to block everything
    • ACL design can be a performance issue; place the most-utilized rules at the beginning of the ACL
    • Creating an ACL with no entries will block all traffic

    Router and Firewall Management

    • Networking: Moves traffic quickly and efficiently
    • Security: Limits traffic movement
    • Router: moves traffic
    • Firewall: limits traffic

    Discovery Protocols (CDP and LLDP)

    • Make it easy to find and track network devices
    • Gather potentially sensitive information
    • Should be disabled unless in use

    Limiting Physical Access: Internal

    • Equipment that can be accessed can be compromised
    • Compromising one device can significantly impact the network
    • Secure cabling, wireless access points, and single points of failure (SPOFs)

    Locking Telecom Closets

    • Secure physical access, keys, access cards, 2-man rule
    • Don't forget change management

    Controlling Network Device Ports

    • Implement AAA
    • Use ACLs to restrict access to device ports
    • Disable auxiliary ports if unused

    Limiting Physical Access: External

    • Physical security outside facilities is harder to control
    • Potential compromises can occur to cabling, APs, cameras, and lighting (natural disasters, accidental tampering)
    • Include cabling and wireless access points in security plans

    Establishing Secure Access

    • Disable insecure protocols (Telnet, HTTP, SNMPv1)
    • Use/insist on AAA
    • Limit locations for management traffic
    • Drop all other traffic to device directly
    • Log all access

    Network Devices

    • Firewall, IDS (Intrusion Detection System) / IPS (Intrusion Prevention System), router/switch/AP, PC/laptop/tablet, printer/scanner/copier, spam/malware filter, badge/access card printer

    Wireless Access Points

    • Change default passwords, SSIDs, broadcast of SSID, radio power, radio channels, Wireless administrative access, directional antennas
    • Mount APs in secure locations, high up, and hidden
    • Secure the wiring for APs and don't install them near RFI-inducing devices (microwave ovens, electric motors, other wireless devices)

    Changing Default Settings

    • Apply default settings changes to all IT equipment
    • Bad guys can easily access default configurations
    • Admin access, password, SNMP community strings, logging

    Fundamental Device Protection Summary

    • Secure both physical and logical access
    • Authenticate individual users
    • Disable device access methods not in use
    • Protect SNMP, disabling if not used
    • Synchronize clocks
    • Implement warning banners, verify device integrity regularly, time out admin access, permit remote admin over secure paths, change default settings

    Traffic Filtering Practices

    • Deny all traffic explicitly
    • Permit only needed traffic
    • Drop traffic to network control devices that aren't from trusted networks
    • Implement filters as close to the source as possible
    • Make filtering the primary responsibility of firewalls
    • Defense in depth, defense in diversity, log exceptions

    Description

    Test your knowledge on the primary concepts of identity management. This quiz covers topics such as IAAA processes and the role of password managers. Assess your understanding of key factors that ensure scalable identity management.
