Attachment 3


Authentication https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...

Learning Topic
Authentication
Authentication is the process by which credentials are presented and
validated to enable access. There are a number of different methods of
authentication. Passwords are the most common type of authentication
and are usually coupled with user identification (user IDs). Tokens and
certificates are often used in place of passwords to provide a higher level
of security. Tokens can contain unique identifiers (e.g., digital signatures
or keys). Tokens can also store biometric data—for example, fingerprints.

Authentication methods can be combined in several ways.

Higher levels of security are generally associated with more factors of
authentication (multifactor). For example, two-factor authentication might
include a token and a password. Kerberos is an authentication protocol
made up of two components: a ticket (distributed by a service) for user
authentication and a key that is derived from the user's password.
Another authentication scheme is the Challenge-Handshake
Authentication Protocol (CHAP), which uses a representation (hash) of
the user's password to authenticate.
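The CHAP exchange described above, as an added example that is not part of the original learning topic: both sides of the handshake, with the response computed as RFC 1994 defines it (MD5 over the identifier, the shared secret and the challenge). The `Authenticator` class, the user name and the secret are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Server side: issues challenges and checks responses (illustrative class)."""

    def __init__(self, secrets: dict):
        self.secrets = secrets      # user name -> shared secret (constructed data)
        self.pending = {}           # user name -> (identifier, challenge)
        self.next_id = 0

    def challenge(self, user: str):
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256   # Identifier is a single octet
        value = os.urandom(16)                    # fresh, unpredictable challenge
        self.pending[user] = (ident, value)
        return ident, value

    def verify(self, user: str, ident: int, response: bytes) -> bool:
        outstanding = self.pending.pop(user, None)   # each challenge is single use
        if outstanding is None or user not in self.secrets or outstanding[0] != ident:
            return False
        expected = chap_response(ident, self.secrets[user], outstanding[1])
        return hmac.compare_digest(expected, response)  # constant-time comparison


def demo() -> dict:
    server = Authenticator({"alice": b"correct horse battery"})  # constructed secret
    ident, value = server.challenge("alice")
    good = chap_response(ident, b"correct horse battery", value)
    results = {"valid": server.verify("alice", ident, good)}
    # A captured response is useless later: the challenge is consumed and the next one differs.
    results["replay_same"] = server.verify("alice", ident, good)
    ident2, value2 = server.challenge("alice")
    results["replay_new"] = server.verify("alice", ident2, good)
    ident3, value3 = server.challenge("alice")
    results["wrong_secret"] = server.verify("alice", ident3, chap_response(ident3, b"guess", value3))
    return results


if __name__ == "__main__":
    print(demo())
```

The password itself never crosses the wire, but the authenticator has to hold the secret in a form it can feed into the hash, so the server-side secret store needs the same protection as a plaintext password file.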


Resources

Required

NIST Special Publication 800-57 Part 1 (https://doi.org/10.6028/NIST.SP.800-57pt1r5)

How to Authenticate Users with API Keys (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/how-to-authenticate-users-with-api-keys.html?ou=546459)

Has the Time Come to Kill the Password? (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/has-the-time-come-to-kill-the-password-.html?ou=546459)

Key Management Cheat Sheet (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/key-management-cheat-sheet.html?ou=546459)

User Authentication with OAuth 2.0 (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/user-authentication-with-oauth-2-0.html?ou=546459)

Centralized Authentication Using OpenLDAP (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/centralized-authentication-using-openldap.html?ou=546459)

Message Authentication Codes (/content/dam/course-content/tgs/cst/cst-620/document/MessageAuthenticationCodes.pdf?ou=546459)

Recommended


Production Best Practices: Security (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/production-best-practices--security.html?ou=546459)

Broken Authentication and Session Management (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/broken-authentication-and-session-management.html?ou=546459)

Message Authentication and Source Privacy in Wireless Networks (/content/dam/course-content/tgs/cst/cst-620/document/MessageAuthenticationandSourcePrivacyinWirelessNetworks.pdf?ou=546459)

Biometrics (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/biometrics.html?ou=546459)

Security How-To: WPA2-Enterprise on Your Home Network (/content/dam/course-content/tgs/cst/cst-620/document/SecurityHow-ToWPA2-EnterpriseonYourHomeNetwork.pdf?ou=546459)

Protecting Your System: User Access Security (/content/dam/course-content/tgs/cst/cst-620/document/ProtectingYourSystem_UserAccessSecurity.pdf?ou=546459)

Authentication (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/authentication.html?ou=546459)

Toward Secure and Dependable Message Authentication in WSN (/content/dam/course-content/tgs/cst/cst-620/document/TowardsSecureandDependableMessageAuthenticationinWSN.pdf?ou=546459)

OWASP Top 10 for .NET Developers Part 3: Broken Authentication and Session Management (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/owasp-top-10-for--net-developers-part-3--broken-authentication-a.html?ou=546459)

Activity: Message Authentication (https://lti.umgc.edu/contentadaptor/topics/byid/1a09f264-6674-48f6-ba08-52e0c55afc0c)

Authentication Summary (https://lti.umgc.edu/contentadaptor/topics/byid/d05f43a3-3951-4be4-93a0-19f898aa2b41)

Multifactor Authentication Overview (https://lti.umgc.edu/contentadaptor/topics/byid/1570b4eb-fc1e-4a09-baef-aa627f537e19)

Authentication and Information Assurance (https://lti.umgc.edu/contentadaptor/topics/byid/80eae6bf-8f7b-4033-9004-aa5b9e08c62b)


Check Your Knowledge

Choose the best answer to each question:


Question 1
Which of the following is the least secure password that
can be enhanced by the use of a token to supply better
security?

one‐time password

static password

dynamic password

passphrase password

Question 2
When a message is encrypted, it provides for which of the
following?

confidentiality

nonrepudiation

authentication

authorization

Question 3
If you digitally sign a message, which of the following are
covered?

authentication

nonrepudiation

integrity

all of the above

Question 4
When employees access the company network via remote
access, which of the following provides the most reliable
authentication?

virtual private networks

synchronous token with a one‐time password

asynchronous token with a one‐time password

both synchronous tokens and asynchronous tokens
with one-time passwords

Question 5
Point‐to‐point authentication protocols include which of
the following?

EAP (Extensible Authentication Protocol)

CHAP (Challenge Handshake Authentication Protocol)

PAP (Password Authentication Protocol)
