PRACTICE - ACCESS Control

Home

Get App

Create

Radius - open protocol - de facto of Internet
TACACS - cisco - proprietary protocol
Cognative password
- Cognative password - user asked several questions - don't
- need to remember one password
Virtual Password

Virtual Password is the length and format that is required by the application. could be used as the key in an algorithm
simplest technolgy and least secure - single
sign-on - scripting
Diameter
- more diverse centralized access control administration than RADIUS and TACAS+
- supports PPPP, sLIP ...
Kerberos - not proprietary
- Kerberos - user enters credentials and obtains a TGT
- timestamp that makes it valid for 8 hours
- Kerberos client sends the TGT to the TGS which creates a second ticket.
- His ticket is used by the user to authenticate to the network resource
Kerberos - users sends authentication information to Authentication Service (AS)

AS creates a ticket granting ticket (TGT). which is encrypted with the user's secret key.

The TGT is used to communicate to THE ticket granting service (TGS)

TGS creates a ticket that contains two instances of the same session key that is encrypted with the individual principal's secret keys.

It is the second ticket that allows the 2 principals to obtain their session keys
Synchronous token device

asynchronous token device
- Synchronous token device - driven by time or events to authenticate users
- asynchronous token device uses a challenge-based mechanismduring authentication
Salt

Salt - random value that is added during enryptinog process on non-windows systems.
Iris and retina scan

Author

wathy64

27789

Card Set

PRACTICE - ACCESS Control

Description

CIssp - Access control - Practice questions

Updated

2010-07-23T20:41:01Z

Show Answers