Live Virtual Lab 12.2: Module 12 Authentication and Authorization Solutions

How many entities are involved in the 802.1x authentication process? A. 1 B. 2 C. 3 D. 4

3

Which of the following is required for two-factor authentication? [Choose all that apply] - USB drive - Password key - Password - Smart card

Password key Password Smart card

Which of the following functions can be performed by a hardware security module (HSM)? [Choose all that apply] - Encryption Keys Management - Key Exchange - Encryption and Decryption - User Password Management - Cryptographic function offloading from a server

Encryption Keys Management Key Exchange Encryption and Decryption Cryptographic function offloading from a server HSM can perform various functions including: encryption keys management key exchange encryption and decryption cryptographic functions offloading from servers HSM does not perform user password management.

Which of the following protocol uses port-based authentication? A. Extensible Authentication Protocol (EAP) B. Challenge Handshake Authentication Protocol (CHAP) C. Password Authentication Protocol (PAP) D. 802.1X

802.1X 802.1X is a port-based authentication method to authenticate devices before they can connect to a LAN, a wireless network, or even Ethernet. The Password Authentication Protocol (PAP), as the name suggests, is password-based. CHAP is an authentication protocol that performs a 3-way handshake when verifying a peer or client on the network. Extensible Authentication Protocol (EAP) is used with wireless networks.

Which of the following authentication method can use location to authenticate a user? A. Attribute-based Access Control (ABAC) B. Role-based Access Control (RBAC) C. Rule-based Access Control (RBAC) D. Mandatory Access Control (MAC)

Attribute-based Access Control (ABAC) Attribute-based access control (ABAC) works on attributes instead of users or groups. For example, city and department could be two attributes of users. If both the attributes match, the user is granted access to the object. Examples of other attributes could be a user's citizenship, time, or location. Role-based access control (RBAC), also known as non-discretionary access control, works by assigning permissions based on the user's position in a hierarchy. In this kind of access control, a user, when required to access an object, is put into a role or group, and then the group is assigned access to the object. Rule-based access control (RBAC), uses rules to allow or deny access to a resource. Access permissions are stored in the access control lists (ACLs). Mandatory access control (MAC) is the strictest in controlling access to an object. It classifies resources and users, and permissions are assigned based on these classifications. Mandatory access control allows the administrator or group of authorized individuals to control access to resources.