This document defines key terms related to authentication models and physical security. It defines 14 terms related to identification, authentication, authorization, multifactor authentication, single sign-on, LDAP, Kerberos, mutual authentication, remote desktop services, captive portals, remote access service, CHAP, VPNs, RADIUS, and TACACS+. It also provides short answers describing the 4 steps of 802.1X authentication, 2 types of authentication failures, 3 examples of building perimeter security, and 5 examples of server room security.
Original title:
DCOM 258 Lab 09 Physical Security & Authentication Models.doc
Name: Shaamim Ahmed
Chapter 09: Physical Security & Authentication Models
Part # 1
Define the following Key Terms (12 points)
Part A: Define the following terms (25 points)
1. Identification
   When a person is in a state of being identified. It can also be described as something that identifies a person such as an ID card.
2. Authentication
   When a person's identity is confirmed. Authentication is the verification of a person's identity.
3. Authorization
   When a user is granted access to specific resources after authentication is complete.
4. Multifactor authentication
   Multifactor authentication means that the user must provide two different types of identification. The thumbprint is an example of biometrics. Username and password are examples of a domain logon. Single sign-on would only be one type of authentication that enables the user access to multiple resources.
5. Single sign-on (SSO)
   Single sign-on (SSO) is when a user can log in once but gain access to multiple systems without being asked to log in again. This is complemented by single sign-off, which is basically the reverse; logging off signs off a person from multiple systems.
6. LDAP (Lightweight Directory Access Protocol)
   An Application Layer protocol used for accessing and modifying directory services data.
7. Kerberos
   An authentication protocol designed at MIT that enables computers to prove their identity to each other in a secure manner.
8. Mutual authentication
   Two-way authentication where the client and the server both verify each other's identity.
9. Remote Desktop Services
   Web-based authentication systems used often in free wireless networks (hotels, coffee shops, and so on).
10. Captive Portals
   Web-based authentication systems used often in free wireless networks (hotels, coffee shops, and so on).
11. Remote Access Service (RAS)
   Began as a service that enabled dial-up connections from remote clients. Nowadays, more and more remote connections are made with high-speed Internet technologies, such as cable Internet, DSL, and FIOS.

Security + Computer System Security
DCOM 258 E31

Challenge Handshake Authentication Protocol (CHAP)
   An authentication scheme used by Point-to-Point Protocol (PPP), which is the standard for dial-up connections.
12. Virtual private networks (VPNs)
   A connection between two or more computers or devices that are not on the same private network.
   - PPTP (Port 1723)
   - L2TP (Port 1701)
   - Windows Server RRAS
13. RADIUS (Ports 1812 and 1813)
   The Remote Authentication Dial-In User Service (RADIUS) provides centralized administration of dial-up, VPN, and wireless authentication.
14. TACACS+ (Port 49)
   The Terminal Access Controller Access-Control System Plus (TACACS+) is another remote authentication protocol developed by Cisco.
Part B: Short answer Questions (30 points)
1. List the four steps of 802.1X authentication.
   i. Initialization
   ii. Initiation
   iii. Negotiation
   iv. Authentication
2. Identify two Authentication failures.
   I. False positive
      a. This is when a system authenticates a user who should not be allowed access to the system. This is also known as a Type I error.
   II. False negative
      a. This is when a system denies a user who actually should be allowed access to the system. This is known as a Type II error.
3. List three Building perimeter security.
   I. Video surveillance and CCTV
   II. Security alarms
   III. Motion detectors
4. Identify five Server room security.
   I. Door access
   II. CardKey
   III. Smart cards
   IV. Proximity sensors
   V. Biometric readers
      a. Biometrics is the science of recognizing humans based on one or more physical characteristics.