Ch 3

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

What is a default account? Is it a security risk?

Default accounts and passwords for devices and software can be found on the internet and used to hack your network or home devices

What two actions do I need to complete when John Smith leaves the company?

Disable his account and reset the password. Deleting the account will prevent access to the data he used

What is the purpose of a user account review?

Ensures old accounts have been deleted and all current users have the appropriate access to resources and not a higher level of privilege

What is the difference between FAR and FRR?

FAR allows unauthorized user access, and FRR rejects authorized user access.

What is type II in biometric authentication and why is it a security risk?

Failure Acceptance Rate, where people that are not permitted to access your network are given access

What authentication method can be used by two third parties that participate in a joint venture?

Federated services ; use SAML and extended attributes (ie. ID or email)

What will be the two possible outcomes if an auditor finds any working practices that do not confirm to the company policy?

Following an audit, either change management or a new policy will be put in place to rectify any area not conforming to company policy

How many times can you use an HOTP password? Is there a time restriction associated with it?

HOTP is a one-time password that doesn't expire until you use it

How does a CAC differ from a smart card and who uses CAC?

A CAC is similar to a smart card as it uses certificates, but the CAC is used by the military. Picture and user details on the front, blood group and Geneva convention category on the back

What can I implement to find out immediately when a user is placed in a group that may give them a higher level of privilege?

A SIEM system can carry out active monitoring and notify the admins of any changes to user accounts or logs

What is a Ticket Granting Ticket (TGT) session?

A Ticket-Granting Ticket (TGT) process is where a user logs in to an Active Directory domain using Kerberos authentication and receives a service ticket.

What is the format of a distinguished name for a user called Fred who works in the IT department for a company with a domain called Company A that is a dotcom?

A distinguisher name in the ITU X500 object format is cn=Fred, ou=IT, dc=Company, dc=Com

What type of knowledge-based authentication would a bank normally use?

A dynamic KBA that would ask you details about your account. NOT previously stored questions

What is OpenID Connect?

A protocol based on OAuth 2.0 that sends info from one service to another. Used to enable social single sign-on.

What is Kerberos?

A secure authentication protocol available in Windows. It is the only one that uses tickets. Also uses timestamps and updated sequence numbers to prevent replay attacks. Prevents pass-the-hash attacks since it doesn't use NTLM.

What is Shibboleth?

A small open source Federation Services protocol.

What is single sign-on? Give 2 examples

A user inserts their credentials only once and accesses different resources, such as email and files, without needing to re-enter the credentials. Examples include Kerberos, Federation Services, or a smart card

Describe the process of impossible time travel

A user logs in to a device from one location, and then they log in from another location shortly afterward, where it would be impossible to travel that distance in the time between logins.

A brute-force attack cracks a password using all combinations of characters and will eventually crack a password. What can I do to prevent a brute-force attack?

Account Lockout with a low value

What could be two drawbacks to facial recognition?

Affected by light or turning your head slightly to one side; some older facial recognition systems accept photographs. Microsoft Windows Hello is much better as it uses infrared and is not fooled by a photograph or affected by light

What is an XML-based authentication protocol?

An XML-based authentication protocol used with federated services.

What is a privileged account?

An account with admin rights

What is the purpose of a password vault and how secure is it?

An app that stores passwords using AES-256 encryption and it is only as secure as the master key

What is account recertification?

An audit of user accounts and permissions that is usually carried out by an auditor. This is also referred to as a user account review

Which authentication model gives access to a computer system even though the wrong credentials are being used?

Biometric authentication allows unauthorized users access to the system

What is the drawback for security if the company uses shared accounts?

Causes problems with monitoring and auditing. Responsible employees can't be traced

What is the purpose of the following command?: $ shh-copy-id

Copy and install the public key on the SSH server and add to the list of authorized keys

The IT team have a global group called IT Admin; each member of the IT team are members of this group and therefore have full control access to the departmental data. Two new apprentices are joining the company and they need to have read access to the IT data. How can you achieve this with the minimum amount of admin effort?

Create a group called IT apprentices, and then add the apprentices, accounts to the group. Give the group read access to the IT data

What is the purpose of a VPN solution?

Creates a secure to connect from a remote location to your corporate network or vice versa. The most secure tunneling protocol is L2TP/IPSec.

I have different login details and passwords to access Airbnb, Twitter, and Facebook, but I keep getting them mixed up and have locked myself out of these accounts from time to time. What can I implement on my Windows 10 laptop to help me?

Credential manager can be used to store generic and Windows 10 accounts. User does not have to remember the account details.

What is a port-based authentication that authenticates both users and devices?

IEE802.1x is port-based authentication that authenticates both users and devices

What authentication factor uses tickets, timestamps, and updated sequence numbers and is used to prevent replay attacks?

Kerberos

What authentication factor uses tickets, timestamps and updated sequence numbers and is used to prevent replay attacks?

Kerberos; only authentication protocol that uses tickets

What protocol is used to store and search for Active Directory objects?

LDAP (Lightweight Directory Authentication Protocol) ; stores objects in X500 format and searches Active Directory objects (ie. users, printers, groups or computers)

What type of factor authentication is a smart card?

Multi/dual-factor

What is NTLM?

New Technology LAN Manager

What is used for accounting in an AAA server?

Normally logged into a database such as SQL. RADIUS Accounting uses UDP port 1813.

Why should we never use PAP authentication?

PAP authentication uses a password in clear text; this could be captured easily by a packet sniffer.

How can I prevent someone from reusing the same password?

Password history could be set up and combined with a minimum password age

What type of device is an iris scanner?

Physical device used for biometric authentication.

How can I prevent a pass-the-hash attack?

Prevent this by enabling Kerberos or disabling NTLM

What is a solution that helps protect privilege accounts?

Privileged Access Management is a solution that stores the privileged account in a bastion domain to help protect them from attack

What do I need to do when I purchase a baby monitor and why?

Rename the default admin account and change default password to prevent hacking. It's an IoT item

How can I prevent a hacker from inserting a password multiple times?

Set up an account lockout with a low value

How many factors is it if I have a password, PIN, and date of birth?

Single-factor; they're all something you know

Why do cloud providers adopt a zero-trust model?

Some devices being used do not belong to a domain, for example, an iPad, so every connection should be considered unsafe

What is the danger to households with IoT devices?

Some people don't realize that there are generic accounts controlling the devices that make them vulnerable to attack.

How many accounts should a sys admin for a multinational corporation have and why?

Sys Admin should have 2 accounts: a user account for day-to-day tasks & an admin account

The sys admin in a multination corporation creates a user account using an employee's first name and last name. Why are they doing this time after time?

Sys admin's using a standard naming convention

What is a time-limited password?

TOTPhas a short time limit of 30-60 seconds

I have moved departments but the employees in my old department still use my old account for access; what should the company have done to prevent this from happening? What should their next action be?

The company should have disabled the account and reset the password. A user account review needs to be carried out to find accounts in a similar situation

If a contractor brings in 5 consultants for 2 months of mail server migration, how should I set up their accounts? How can I ensure these contractors can only access the company network from 9-5 daily?

The contractor's account should have an expiry date equal to the last day of the contract Rule-based access

What is password history?

The number of passwords you can use before you can reuse your current password. Some third-party applications or systems may call this a Password Reuse list.

When I login to my Dropbox account from my phone, I get an email asking me to confirm that this was a legal login. What have I been subjected to?

This is known as a risky login as I have used a secondary device to login to Dropbox

If I have a company that has 5 consultants who work in different shift patterns, how can I set up their accounts so that each of them can only access the network during their individual shifts?

Time and day restrictions against each user account

What type of account is a service account?

Type of admin account that allows an application to have a higher level of privileges to run on a desktop or server. Ex) using a service account to run an anti-virus app

What is the most common form of authentication that is most likely to be entered incorrectly?

passwords


Kaugnay na mga set ng pag-aaral

Marquis Leadership 8e Ch 17: Staffing Needs and Scheduling Policies

View Set

Parts of the brain and their functions

View Set

Macro Homework 5: Loanable Funds Model

View Set