Questions and Answers
What is digital identity according to NIST SP 800-63-3?
- A unique username and password combination
- A process of determining the validity of one or more authenticators
- A type of multifactor authentication
- A unique representation of a subject engaged in an online transaction (correct)
What is the primary goal of digital user authentication?
- To enforce a minimum password complexity
- To identify information system users
- To authenticate the identities of users, processes, or devices (correct)
- To store and transmit only cryptographically-protected passwords
What is required for local and network access to privileged accounts?
- Biometric authentication
- Replay-resistant authentication mechanisms
- Single-factor authentication
- Multifactor authentication (correct)
What should be done with identifiers after a defined period of inactivity?
What should be prohibited for a specified number of generations?
What should be done with authentication information?
Study Notes
Digital Identity
- A unique representation of a subject engaged in an online transaction.
Digital Authentication
- The process of determining the validity of one or more authenticators used to claim a digital identity.
Basic Security Requirements
- Identify information system users, processes acting on behalf of users, or devices.
- Authenticate (or verify) the identities of those users, processes, or devices as a prerequisite to allowing access to organizational information systems.
Derived Security Requirements
- Use multifactor authentication for:
  - Local and network access to privileged accounts.
  - Network access to non-privileged accounts.
- Employ replay-resistant authentication mechanisms for:
  - Network access to privileged accounts.
  - Network access to non-privileged accounts.
- Prevent reuse of identifiers for a defined period.
- Disable identifiers after a defined period of inactivity.
- Enforce minimum password complexity and change of characters when new passwords are created.
- Prohibit password reuse for a specified number of generations.
- Allow temporary password use for system logons with an immediate change to a permanent password.
- Store and transmit only cryptographically-protected passwords.
- Obscure feedback of authentication information.