Password keys: A password key is a physical device or a piece of software that is used to store and manage passwords securely. This can help prevent passwords from being lost, forgotten, or stolen, and makes it easier for users to access the resources they need.
Password vaults: A password vault is a centralized database that securely stores and manages passwords and other sensitive information, such as certificates and keys. This enables users to access the information they need without having to remember each password.
TPM (Trusted Platform Module): A TPM is a microcontroller that provides security-related functions, such as secure storage of encryption keys, digital certificates, and other sensitive information. The TPM provides an isolated environment for key generation, protection, and storage.
HSM (Hardware Security Module): An HSM is a physical device or software that is used to securely store and manage digital certificates, encryption keys, and other sensitive information. HSMs are designed to provide secure storage, even if the computer or device they are connected to is compromised.
Knowledge-based authentication (KBA): KBA is a method of authentication that verifies a user's identity by asking them questions that only they should know the answers to, such as their Social Security number, mother's maiden name, or the name of their first pet. KBA is often used as a secondary form of authentication, in addition to a password.
Explain the following Authentication/authorization techniques
1. EAP (Extensible Authentication Protocol) is a general framework that provides a structure for implementing different types of authentication methods, such as CHAP, PAP, and others.
2. CHAP (Challenge-Handshake Authentication Protocol) is a protocol that requires the client to send a "challenge" to the server, which the server then uses to verify the client's identity.
3. PAP (Password Authentication Protocol) is a simple authentication protocol that sends a plaintext password over the network to the server. This method is considered insecure as the password is transmitted in clear text and can be intercepted by attackers.
4. 802.1X is a standard for network access control that provides a secure method for authenticating users and devices connecting to a network.
5. RADIUS (Remote Authentication Dial-In User Service) is a protocol used for remote user authentication and authorization, primarily for use with dial-up and VPN connections.
6. Single sign-on (SSO) is a mechanism that allows a user to log in once and gain access to multiple applications or services without having to re-enter their credentials for each one.
7. SAML (Security Assertion Markup Language) is an XML-based standard for exchanging authentication and authorization data between parties, primarily used for SSO.
8. TACACS+ (Terminal Access Controller Access Control System Plus) is a protocol used for remote authentication of users accessing a network device such as a router or firewall.
9. OAuth (Open Authorization) is a standard for granting access to resources without sharing the user's credentials.
10. OpenID is a protocol that enables users to authenticate with multiple web-based applications using a single set of credentials.
11. Kerberos is a network authentication protocol that provides secure authentication and authorization services to clients in a network environment.
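To make the contrast between items 2 and 3 concrete, the following Python example (added here, not part of the original notes) models what each protocol puts on the wire: PAP as in RFC 1334, where the password itself travels in the Authenticate-Request, and CHAP as in RFC 1994, where the authenticator issues a random challenge and the peer answers with MD5 over identifier, shared secret and challenge value. The shared secret and peer name are constructed sample values.

```python
import hashlib
import hmac
import os

# Constructed shared secret held by both the peer (client) and the authenticator (server).
SHARED_SECRET = b"example-secret-not-real"

def pap_request(peer_id: str, password: bytes) -> dict:
    """PAP (RFC 1334): the Authenticate-Request carries the password itself."""
    return {"code": "Authenticate-Request", "peer_id": peer_id, "password": password}

def pap_verify(request: dict, stored_password: bytes) -> bool:
    return hmac.compare_digest(request["password"], stored_password)

def chap_challenge(identifier: int) -> dict:
    """CHAP (RFC 1994): the authenticator sends a random challenge; the ID is one octet."""
    return {"code": "Challenge", "id": identifier & 0xFF, "value": os.urandom(16)}

def chap_digest(identifier: int, secret: bytes, challenge_value: bytes) -> bytes:
    # CHAP with MD5: hash of Identifier || secret || Challenge Value (RFC 1994, section 2)
    return hashlib.md5(bytes([identifier]) + secret + challenge_value).digest()

def chap_response(challenge: dict, secret: bytes, name: str) -> dict:
    """The peer answers with the digest; the secret itself never crosses the link."""
    value = chap_digest(challenge["id"], secret, challenge["value"])
    return {"code": "Response", "id": challenge["id"], "value": value, "name": name}

def chap_verify(challenge: dict, response: dict, secret: bytes) -> bool:
    """The authenticator recomputes the digest with its own copy of the secret."""
    if response["id"] != challenge["id"]:
        return False  # response does not belong to this challenge (e.g. a replayed one)
    expected = chap_digest(challenge["id"], secret, challenge["value"])
    return hmac.compare_digest(expected, response["value"])

def secret_on_wire(packet: dict, secret: bytes) -> bool:
    """What a passive observer of the link learns: is the secret in the packet verbatim?"""
    return any(isinstance(v, bytes) and v == secret for v in packet.values())

def demo() -> dict:
    pap = pap_request("alice", SHARED_SECRET)
    chal = chap_challenge(1)
    resp = chap_response(chal, SHARED_SECRET, "alice")
    return {
        "pap_ok": pap_verify(pap, SHARED_SECRET),
        "pap_leaks": secret_on_wire(pap, SHARED_SECRET),
        "chap_ok": chap_verify(chal, resp, SHARED_SECRET),
        "chap_leaks": secret_on_wire(resp, SHARED_SECRET),
        "replayed_to_new_challenge": chap_verify(chap_challenge(2), resp, SHARED_SECRET),
    }
```

Because every challenge is fresh and random, a captured CHAP response is useless against the next challenge, while a captured PAP request is the password itself.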
Explain the following Access control schemes
Access control is a critical aspect of information security: it determines who is authorized to access which resources and what actions they can perform on them. There are several access control schemes that organizations use to enforce access control policies, including:
1. Attribute-Based Access Control (ABAC): This scheme authorizes access based on attributes of the requestor and of the resource being requested. ABAC evaluates conditions over user attributes, resource attributes, and environmental attributes to determine whether the requestor should be granted access to the resource.
2. Role-Based Access Control (RBAC): This scheme is based on the roles and responsibilities of the requestor within an organization. Users are assigned to roles, and roles are granted permissions to perform specific actions on resources. RBAC provides a simple and effective way to manage access control.
3. Rule-Based Access Control: This scheme uses rules to determine the access privileges of users. Rules can be based on various factors, such as time of day, location, device type, etc. Rule-based access control provides a flexible and adaptable way to enforce access control policies.
4. Mandatory Access Control (MAC): MAC is a security model that enforces access control based on the security classification of the resource and the clearance level of the requestor. MAC is typically used in military and government organizations to ensure the confidentiality and integrity of sensitive information.
5. Discretionary Access Control (DAC): DAC is a security model that allows the owner of a resource to specify who can access the resource and what actions they can perform. The owner has the discretion to grant or deny access, making DAC more flexible than MAC.
6. Conditional Access: This is a type of access control that requires users to meet certain conditions before they are granted access to a resource. The conditions can be based on factors such as device type, network location, or security posture.
7. Privileged Access Management (PAM): PAM is a security discipline that aims to reduce the risk associated with privileged accounts and credentials. PAM provides organizations with the ability to manage, monitor, and control the use of privileged accounts, which can help reduce the risk of cyberattacks.
8. Filesystem Permissions: Filesystem permissions are a type of access control that determines who can access files and directories on a computer. The permissions can be set at the individual file or directory level and specify who can read, write, and execute the files.
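The schemes in items 1 to 4 and 6 are easiest to tell apart by seeing how each one reaches a decision on the same request. The Python example below (added here, not part of the original notes) evaluates one request against rule-based conditions, RBAC role permissions, a MAC clearance-versus-classification check and an ABAC attribute condition, denying by default unless all of them agree. The users, roles, labels and attributes are constructed sample data, not from any real deployment.

```python
from dataclasses import dataclass, field

# Constructed sample policy data for illustration; not taken from any real deployment.
ROLE_PERMISSIONS = {  # RBAC: a role maps to the (action, resource type) pairs it may perform
    "analyst": {("read", "report")},
    "admin": {("read", "report"), ("write", "report"), ("delete", "report")},
}
USER_ROLES = {"alice": {"analyst"}, "bob": {"admin"}}
LEVEL = {"public": 0, "confidential": 1, "secret": 2}  # MAC labels, ordered low to high

@dataclass
class Request:
    user: str
    action: str
    resource: dict                                  # e.g. {"type": "report", "classification": "secret", "department": "finance"}
    user_attrs: dict = field(default_factory=dict)  # e.g. {"clearance": "secret", "department": "finance"}
    env: dict = field(default_factory=dict)         # e.g. {"hour": 14, "device_managed": True}

def rbac_allows(req: Request) -> bool:
    """RBAC: permissions are granted to roles; a user only inherits them through role membership."""
    perms = set().union(*(ROLE_PERMISSIONS.get(r, set()) for r in USER_ROLES.get(req.user, set())))
    return (req.action, req.resource.get("type")) in perms

def mac_allows(req: Request) -> bool:
    """MAC ("no read up"): the requestor's clearance must dominate the resource's classification."""
    clearance = LEVEL.get(req.user_attrs.get("clearance", "public"), 0)
    classification = LEVEL.get(req.resource.get("classification", "public"), 0)
    return clearance >= classification

def abac_allows(req: Request) -> bool:
    """ABAC: a condition over subject and resource attributes (same department, in this example)."""
    return req.user_attrs.get("department") == req.resource.get("department")

def rule_allows(req: Request) -> bool:
    """Rule-based / conditional access: environmental conditions such as time of day and device state."""
    hour = req.env.get("hour")
    in_business_hours = hour is not None and 8 <= hour <= 18
    return in_business_hours and bool(req.env.get("device_managed", False))

def decide(req: Request) -> str:
    """Deny by default: access is allowed only when every applicable scheme agrees."""
    for name, check in (("rule", rule_allows), ("rbac", rbac_allows), ("mac", mac_allows), ("abac", abac_allows)):
        if not check(req):
            return f"deny ({name})"
    return "allow"
```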