Module 12 Authentication Flashcards

Questions and Answers

How is the Security Assertion Markup Language (SAML) used?

It is no longer used because it has been replaced by LDAP.

It allows secure web domains to exchange user authentication and authorization data. (correct)

It is an authenticator in IEEE 802.1x.

It serves as a backup to a RADIUS server.

Which of the following is the Microsoft version of EAP?

AD-EAP

PAP-Microsoft

EAP-MS

MS-CHAP (correct)

Which of the following is NOT used for authentication?

Something you exhibit

Something you can do

Somewhere you are

Something you can find (correct)

Ilya has been asked to recommend a federation system technology that is an open source federation framework supporting the development of authorization protocols. Which of these technologies would he recommend?

OAuth Signup and view all the answers

How is key stretching effective in resisting password attacks?

It takes more time to generate candidate password digests. Signup and view all the answers

Which of these is NOT a reason that users create weak passwords?

The length and complexity required force users to circumvent creating strong passwords. Signup and view all the answers

Fernando is explaining to a colleague how a password cracker works. Which of the following is a valid statement about password crackers?

Password crackers differ as to how candidates are created. Signup and view all the answers

Which attack uses one or a small number of commonly used passwords to attempt to log in to several different user accounts?

Password spraying attack Signup and view all the answers

Why are dictionary attacks successful?

Users often create passwords from dictionary words. Signup and view all the answers

Which of these attacks is the last-resort effort in cracking a stolen password digest file?

Brute force Signup and view all the answers

Which of the following should NOT be stored in a secure password database?

Plaintext password Signup and view all the answers

Which of the following is NOT an MFA using a smartphone?

Biometric gait analysis Signup and view all the answers

Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate?

Brute force attack Signup and view all the answers

Which human characteristic is NOT used for biometric identification?

Height Signup and view all the answers

_____ biometrics is related to the perception, thought processes, and understanding of the user.

Cognitive Signup and view all the answers

Which of the following is an authentication credential used to access multiple accounts or applications?

Single sign-on Signup and view all the answers

Study Notes

Authentication Protocols

Security Assertion Markup Language (SAML) enables secure exchange of authentication and authorization data between web domains.
Microsoft’s version of Extensible Authentication Protocol (EAP) is known as MS-CHAP.

Authentication Factors

Four main types of authentication factors include:
- Something you exhibit (e.g., biometrics)
- Somewhere you are (e.g., location)
- Something you can do (e.g., gestures)
- Something you can find is NOT considered an authentication factor.

Federation Technologies

OAuth is an open-source federation framework recommended for developing authorization protocols.
Alternatives include Shibboleth, OpenID, and NTLM.

Password Security and Cracking

Key stretching increases the time required to generate candidate password digests, enhancing resistance to attacks.
Users often create weak passwords due to:
- Complexity and length requirements that encourage shortcuts.
- Difficulty in remembering complex passwords.
- Policies mandating regular password changes.

Password Cracker Functionality

Password crackers vary in candidate creation methods and aim to discover the hashing algorithm used.
They require minimal computing power due to their design.

Password Attack Types

Password spraying attacks use a few common passwords across multiple accounts.
Dictionary attacks are effective since users commonly select dictionary words for passwords.
Brute force attacks serve as a last-resort method for cracking stolen password digest files.

Secure Password Storage

Plaintext passwords should NOT be stored in a secure password database; only hashed passwords, salts, and iteration counts should be kept.

Multi-Factor Authentication (MFA)

MFA options through smartphones include:
- Automated phone calls
- Authentication apps
- SMS text messages
- Biometric gait analysis is NOT recognized as an MFA method using smartphones.

Biometric Identification

Examples of biometric identifiers include:
- Iris recognition
- Fingerprint analysis
- Retina scanning
- Height is NOT considered a biometric characteristic.

Cognitive Biometrics

Cognitive biometrics relate to the understanding and thought processes of the user, presenting a unique approach to identification.

Single Sign-On (SSO)

SSO allows users to access multiple accounts or applications using a single authentication credential, streamlining the authentication process.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Description

Test your knowledge on authentication methods and technologies in this quiz on Module 12. Understand concepts like SAML and its role in secure web domain communication. Perfect for students looking to reinforce their learning in cybersecurity.