What are the three authentication factors?
Something you know, something you have, something you are
What is Type 1 authentication?
Something you know (passwords, PINs)
What is Type 2 authentication?
Something you have (token, smart card)
What is Type 3 authentication?
Something you are (biometrics)
What is a Brute Force attack?
Trying every possible password combination
What is a Dictionary attack?
Using a list of common passwords
What is a Rainbow Table attack?
Using precomputed hash tables
What is a Keylogger?
Captures keystrokes
What is Salting?
Adding random data before hashing passwords
What is a Nonce?
Number used once to prevent replay attacks
What are Clipping Levels?
Allow limited failed login attempts before lockout
What is a One-Time Password?
Password valid for one login session
What is HOTP?
Counter-based one-time password
What is TOTP?
Time-based one-time password
What is FAR?
False Acceptance Rate (unauthorized access allowed)
What is FRR?
False Rejection Rate (authorized user denied)
Which access control model is best for confidentiality?
MAC
Which access control model is best for availability?
DAC
Which access control model is best for integrity?
RBAC or ABAC
What is Context-Based Access Control?
Access based on context (location, time)
What is Content-Based Access Control?
Access based on data content
What is Just-In-Time Access?
Temporary access granted when needed
What is Risk-Based Access Control?
Access decisions based on risk evaluation
What is a Policy Decision Point (PDP)?
Determines access decisions
What is a Policy Enforcement Point (PEP)?
Enforces access decisions
What is a Service Account?
Account used by applications
What is FIDM?
Federated Identity Management
What is SAML?
XML-based standard for authentication and authorization
What is SSO?
One login for multiple systems
What is Federated Identity?
Identity shared across multiple organizations
What is IDaaS?
Cloud-based identity management
What is Kerberos?
Ticket-based authentication protocol using symmetric keys
What is SESAME?
Kerberos successor using asymmetric keys
What is RADIUS?
AAA protocol for network access
What is Diameter?
Successor to RADIUS
What is TACACS?
Centralized authentication protocol
What is TACACS+?
Encrypts entire authentication session