Chapter 4 - 02 - Discuss Identity and Access Management (IAM) - 03_ocred.pdf

Full Transcript


Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization

Types of Authentication: Password Authentication

- Password authentication uses a combination of a username and a password to authenticate network users.
- The password is checked against a database, and the user is given access if it matches.
- Password authentication is vulnerable to password cracking attacks such as brute-force and dictionary attacks.

In password authentication, users provide a username and a password to prove their identity to a system, application, or network. These are matched against the list of authorized users in a database or Windows Active Directory (AD); once matched, the user is granted access. The database should hold a salted hash of each password rather than the password itself, so that a leaked database does not directly expose credentials.

User passwords should follow standard password creation practices: a mixture of letters, numbers, and special characters, and a length greater than 8 characters, since short passwords are easy to guess. Password authentication is vulnerable to brute-force and dictionary attacks, in which an attacker tries possible character combinations or a list of common words to guess the password, and to eavesdropping, in which an attacker captures packets with a packet sniffer when the password is sent across the network in plain text.

Module 04 Page 474 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
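The flow described above, as an added example that is not part of the EC-Council course material: a small Python user store that keeps a salted PBKDF2 hash per user, a login check against it, the course's password-creation rule, and an offline dictionary attack of the kind the text warns about. The usernames, passwords, word list, and iteration count are constructed for illustration.

```python
"""Password authentication: salted hashing, verification, and a dictionary attack.

Added example (not EC-Council course code). The accounts, passwords, and word
list below are constructed for illustration.
"""
import hashlib
import hmac
import os
import re
from typing import Dict, List, Optional, Tuple

# PBKDF2-HMAC-SHA256 work factor. Kept low so the demo runs quickly; use a much
# higher count in production (assumed value, not from the course).
ITERATIONS = 100_000

USERS = {"alice": "Summer2024!", "bob": "correct-horse-battery"}      # constructed accounts
WORDLIST = ["password", "123456", "Summer2024!", "letmein", "qwerty"]  # constructed word list


def meets_policy(password: str) -> bool:
    """Course rule: longer than 8 characters, mixing letters, digits and specials."""
    return (
        len(password) > 8
        and re.search(r"[A-Za-z]", password) is not None
        and re.search(r"[0-9]", password) is not None
        and re.search(r"[^A-Za-z0-9]", password) is not None
    )


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh random salt per user defeats precomputed tables
    and forces an attacker to crack each account separately."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def build_store(users: Dict[str, str]) -> Dict[str, Tuple[bytes, bytes]]:
    """The 'database' the login is checked against: username -> (salt, digest)."""
    return {user: hash_password(pw) for user, pw in users.items()}


def verify_password(store: Dict[str, Tuple[bytes, bytes]], username: str, password: str) -> bool:
    """Login check. Constant-time comparison avoids leaking digest bytes via timing."""
    record = store.get(username)
    if record is None:
        # Do the same work for an unknown user so timing does not reveal valid usernames.
        hash_password(password, b"\x00" * 16)
        return False
    salt, expected = record
    _, actual = hash_password(password, salt)
    return hmac.compare_digest(actual, expected)


def dictionary_attack(store: Dict[str, Tuple[bytes, bytes]], wordlist: List[str]) -> Dict[str, str]:
    """Offline dictionary attack against a leaked store: hash each candidate word
    with the user's salt and compare. Salting does not stop this; only a password
    that is not in the attacker's list (and a high work factor) does."""
    cracked = {}
    for username, (salt, expected) in store.items():
        for candidate in wordlist:
            _, digest = hash_password(candidate, salt)
            if hmac.compare_digest(digest, expected):
                cracked[username] = candidate
                break
    return cracked


def demo() -> Dict[str, object]:
    store = build_store(USERS)
    return {
        "alice_ok": verify_password(store, "alice", "Summer2024!"),
        "alice_wrong_case": verify_password(store, "alice", "summer2024!"),
        "cracked": dictionary_attack(store, WORDLIST),
    }


if __name__ == "__main__":
    print(demo())
```

Note that "Summer2024!" satisfies the course's complexity rule and is still cracked immediately because it appears in the word list, while bob's passphrase fails the rule (no digit) yet survives the attack; length and unpredictability matter more than character classes.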
Types of Authentication: Two-factor Authentication

- Two-factor authentication uses two different authentication factors out of three (something you know, something you have, and something you are) to verify the identity of an individual, in order to strengthen the authentication system.
- Combinations of two-factor authentication: password and smart card/token, password and biometrics, password and one-time password (OTP), smart card/token and biometrics, etc.
- "Something you are" is the best companion of two-factor authentication, as it is considered the hardest to forge or spoof.

Two-factor authentication is a process in which a system confirms user identity in two steps. The user could use a physical entity such as a security token as one of the credentials, and the other credential can be a security code. Security codes can be delivered to the end user in the following ways:

- Email: The security code is sent in an email message to the registered email account.
- SMS: The security code is sent as a short message service (SMS) message to the registered mobile number.
- Telephone/mobile phone: The security code is sent via a voice call to the registered telephone or mobile number.
- Push notification: An authenticator app on a mobile device or PC receives the security code.

Codes delivered over email, SMS, or voice call are weaker than codes generated on the device itself, because they can be intercepted or phished in transit; where possible, prefer an authenticator app or hardware token.

Two-factor authentication depends on three factors:

- Something you have
- Something you know
- Something you are

The factor "something you are" is the best companion of two-factor authentication, as it is considered the hardest to forge or spoof.

Example: A bank card. A user is required to insert or swipe the bank card and enter a PIN in order to use it. Here, the bank card is the physical entity (something you have) and the PIN is the security code (something you know).

Module 04 Page 475

The advantage of two-factor authentication is that it decreases the chances of identity theft and phishing. However, the two-step process has drawbacks. The user may have to wait for the organization to issue a physical token, and this delay leaves the user unable to access their private data in the meantime. Identity evaluation depends on knowledge, possession, and inherent factors. Of these, inherent factors are difficult to change, since they depend on the characteristics of the human being; a compromised biometric cannot be reissued the way a password or token can.

There are many combinations available in the two-factor authentication process. The most commonly found combinations are:

- Password and smart card
- Password and biometrics
- Password and one-time password (OTP)
- Smart card and biometrics

Two-factor authentication performed without tokens is called tokenless authentication. It can be implemented quickly across the network.

Module 04 Page 476

Two-factor Authentication Techniques: Tokens

Hardware Tokens
- Physical devices such as a key fob or USB dongle with a built-in token generator; used as an authentication factor for accessing any type of restricted resource.
- The code they display is valid only for a short period of approximately 30 seconds.

Software Tokens
- A software-based security token includes a single-use login PIN or a dynamically generated token.
Two-factor Authentication Techniques

Tokens

A token is a secure, compact, self-contained way to transfer authentication information between two entities. Tokens can strengthen and secure the authentication processes in applications and websites that handle payment information. A signed web token such as a JSON Web Token (JWT) has three main elements:

- Header: Defines the type of token and the signing algorithm used.
- Payload: Comprises the user data (claims) and metadata.
- Signature: Lets the receiver verify the sender's identity and check that the header and payload have not been altered.

In token-based authentication, the user's identity is verified once, and the user obtains a unique computer-generated signed code (token) in exchange. This token lets the user access protected pages or resources for a specific time without re-entering credentials each time. Tokens are commonly used in a two-factor authentication technique in conjunction with a password or biometric authentication step, as the second layer of security. Note that such a web token is a session credential issued after authentication; the hardware and software tokens below are authenticators that generate one-time codes, and are a different kind of "token".

Tokens are of two types:

- Hardware tokens: Physical devices such as a key fob or USB dongle with a built-in token generator, used as an authentication factor for accessing any type of restricted resource. The code shown by a hardware token is valid only for a short period of approximately 30 seconds, after which it changes. A simple hardware token has very low storage capacity and looks like a USB flash drive. Complex hardware tokens have LCD displays and may also contain keypads for entering a password or PIN. There are two types of hardware tokens: event-based tokens, whose code advances each time the user requests one (a counter), and time-based tokens, whose code advances with the clock.

Module 04 Page 477

Figure 4.11: Hardware Token

- Software tokens: A software token is a software-based security token that includes a single-use login PIN or a dynamically generated token. Because it is software, there is no incremental hardware cost; it is updated automatically and can be downloaded, shared, and installed on the user's mobile device or system.

Module 04 Page 478
