Class 4: Identity and Access Management, Authentication, and Authorization [No Lecture Included]

Last updated 1:13 PM on 6/4/26

654 Terms

1
Identity and access management (IAM)
Identity and access management (IAM) is the process of identifying users and devices and controlling their access to applications, data, and services.

Example: IAM helps make sure each network user or host device has an account so access can be managed and tracked.

Memory trick: IAM = Identify, Access, Manage.

Trick question tip: If the question mentions managing identities, accounts, permissions, authentication, or authorization think IAM.
2
Authentication
Authentication is the process of proving that a user, device, or account holder is valid.

Example: A user enters a username and password. The authentication server compares the submitted credentials to stored credentials before allowing the account to be used.

Memory trick: Authentication = Prove who you are.

Trick question tip: If the question asks about verifying identity before access is allowed think authentication.
3
Supplicant
A supplicant is the user, device, or system requesting authentication.

Example: A laptop trying to connect to a managed network can act as the supplicant because it presents credentials to prove it should be allowed access.

Memory trick: Supplicant = The one asking to get in.

Trick question tip: If the question asks who presents credentials for authentication think supplicant or claimant.
4
Claimant
A claimant is a user, device, or system claiming an identity during authentication.

Example: When a person logs in with an account, the person is claiming to be the account holder.

Memory trick: Claimant = Claims an identity.

Trick question tip: If the question mentions someone claiming to be a user or account holder think claimant.
5
Authentication server
An authentication server verifies submitted credentials against stored credential information.

Example: When a user logs in, the server checks whether the submitted password, PIN, token, or other credential matches what is expected for that account.

Memory trick: Authentication server = Credential checker.

Trick question tip: If the question asks what compares presented credentials to stored credentials think authentication server.
6
Credential
A credential is evidence used to prove identity during authentication.

Example: Credentials can include passwords, passphrases, PINs, smart cards, security keys, tokens, certificates, or biometric data.

Memory trick: Credential = Proof for login.

Trick question tip: If the question asks what a user submits or presents to prove identity think credential.
7
Authentication design
Authentication design is the process of choosing authentication technologies that meet confidentiality, integrity, and availability needs.

Example: A company may choose passwords plus multifactor authentication to protect accounts while still keeping login usable for employees.

Memory trick: Authentication design = Pick the right login protection.

Trick question tip: If the question mentions selecting authentication technology based on CIA requirements think authentication design.
8
Confidentiality in authentication
Confidentiality in authentication means protecting credentials from being leaked or exposed.

Example: If account credentials are stolen, a threat actor may impersonate the account holder and use that account’s rights.

Memory trick: Confidentiality = Keep credentials secret.

Trick question tip: If the question mentions leaked credentials, password theft, or account impersonation think confidentiality.
9
Integrity in authentication
Integrity in authentication means the authentication method is reliable and difficult to bypass or trick with counterfeit credentials.

Example: A strong authentication system should reject fake credentials and resist attacks that try to fool the login process.

Memory trick: Integrity = Login system can be trusted.

Trick question tip: If the question mentions bypassing authentication, counterfeit credentials, or tricking the login process think integrity.
10
Availability in authentication
Availability in authentication means the login process works reliably and does not slow down users too much.

Example: Authentication should be secure but still fast enough and simple enough that users can complete normal workflows.

Memory trick: Availability = Users can still log in and work.

Trick question tip: If the question mentions authentication time, workflow delays, usability, or users being blocked from work think availability.
11
Authentication factor
An authentication factor is a category of credential used to prove identity.

Example: Authentication factors include something you know, something you have, something you are, somewhere you are, and something you do.

Memory trick: Factor = Type of proof.

Trick question tip: If the question asks what category a password, PIN, token, or fingerprint belongs to think authentication factor.
12
Knowledge factor
A knowledge factor is something the account holder knows.

Example: A password, passphrase, or PIN can be a knowledge factor because the user must know it to authenticate.

Memory trick: Knowledge factor = Something you know.

Trick question tip: If the credential is memorized information think knowledge factor.
13
Something you know
Something you know is an authentication factor based on memorized information.

Example: Passwords, passphrases, and PINs are examples of something you know.

Memory trick: Something you know = Password style proof.

Trick question tip: If the question mentions a secret the user remembers think something you know.
14
Login
A login is usually made of a username and password used to access an account.

Example: A user may enter a username to identify the account and a password to prove they are allowed to use it.

Memory trick: Login = Username plus password.

Trick question tip: If the question mentions the typical knowledge-factor login think username and password.
15
Username
A username identifies an account but is usually not treated as the main secret.

Example: A username tells the system which account is being accessed. The password or other credential proves the account holder is valid.

Memory trick: Username = Which account.

Trick question tip: If the question asks what identifies the account but is usually not secret think username.
16
Password
A password is a secret knowledge factor used to authenticate to an account.

Example: A password must be known only to the account holder because anyone who knows it may be able to access the account.

Memory trick: Password = Secret account phrase.

Trick question tip: If the question mentions a secret memorized value used with a username think password.
17
Passphrase
A passphrase is a longer password made from several words.

Example: A passphrase can be easier to remember and harder to guess than a short simple password because it is longer.

Memory trick: Passphrase = Password sentence.

Trick question tip: If the question mentions several words used as a longer password think passphrase.
18
Passphrase advantage
A passphrase can be more secure and easier to remember than a short password.

Example: A long phrase made of multiple words usually has more length, which can make it harder to crack while still being memorable for the user.

Memory trick: Longer phrase = Stronger and memorable.

Trick question tip: If the question asks why passphrases are useful think length and memorability.
19
Personal identification number (PIN)
A personal identification number (PIN) is a knowledge factor used to authenticate, usually to a specific device or system.

Example: A PIN may be a short numeric code or a longer character-based code depending on the authentication design.

Memory trick: PIN = Personal login code.

Trick question tip: If the question mentions a code known by the user think PIN.
20
Traditional PIN
A traditional PIN is usually a short four-digit or six-digit numeric code.

Example: Bank cards commonly use short numeric PINs to authenticate the card holder.

Memory trick: Traditional PIN = Short number code.

Trick question tip: If the question mentions bank cards or four to six numbers think traditional PIN.
21
Modern PIN
A modern PIN is mainly defined by being valid for one device only and may use different characters or lengths.

Example: A device sign-in PIN may work only on that device instead of being a reusable password for every service.

Memory trick: Modern PIN = One-device login secret.

Trick question tip: If the question says the PIN is valid only for a single device think modern PIN.
22
PIN vs password
A PIN is often tied to one device while a password may authenticate to an account across multiple systems.

Example: A device PIN may unlock only that computer while an account password may be used to sign in from different locations or devices.

Memory trick: PIN = Device local. Password = Account wider.

Trick question tip: If the question emphasizes single-device validity think PIN. If it emphasizes account login across systems think password.
23
Account impersonation
Account impersonation happens when a threat actor uses stolen or exposed credentials to act as the account holder.

Example: If an attacker steals a user’s password, they may log in and perform actions using the user’s permissions.

Memory trick: Stolen credentials = Fake account holder.

Trick question tip: If the question mentions a threat actor acting with someone else’s rights after credential theft think account impersonation.
24
Improper credential management
Improper credential management means passwords or other authentication methods are handled in an unsafe way.

Example: Users may reuse passwords, store passwords insecurely, share credentials, or enter credentials into spoofed websites.

Memory trick: Bad credential management = Easy path for attackers.

Trick question tip: If the question mentions weak password habits, unsafe credential handling, or stolen login information think improper credential management.
25
Password-based credentials
Password-based credentials use a password or passphrase to prove account identity.

Example: A user signs in with a username and password. The system checks whether the submitted password matches the stored credential information.

Memory trick: Password credential = Secret you type.

Trick question tip: If the authentication method depends on a memorized password or phrase think password-based credentials.
26
Password best practices policy
A password best practices policy teaches users how to choose, maintain, and protect passwords.

Example: The policy may tell users not to reuse work passwords on personal sites and not to enter passwords into suspicious login forms.

Memory trick: Password policy = Rules for safer passwords.

Trick question tip: If the question mentions instructing users on choosing and maintaining passwords think password best practices policy.
27
Credential management policy
A credential management policy tells users how to keep authentication methods secure.

Example: This policy may cover passwords, smart cards, biometric IDs, phishing awareness, and how to avoid entering credentials into spoofed sites.

Memory trick: Credential policy = Protect every login method.

Trick question tip: If the question covers passwords, smart cards, biometrics, and social engineering together think credential management policy.
28
Credential management training
Credential management training teaches users how to protect authentication methods from theft or misuse.

Example: Users should learn how to spot fake login pages, phishing messages, pharming attempts, and suspicious credential requests.

Memory trick: Credential training = Teach users not to hand over keys.

Trick question tip: If the question mentions user awareness around protecting login methods think credential management training.
29
Credential theft
Credential theft happens when an attacker obtains authentication information such as a password, token, or other login secret.

Example: A user may type their password into a fake login page and unknowingly give the password to an attacker.

Memory trick: Credential theft = Login proof stolen.

Trick question tip: If the question mentions stolen usernames, passwords, or authentication secrets think credential theft.
30
Phishing and credentials
Phishing can trick users into entering credentials into an unsafe form or fake website.

Example: A fake email may claim the user needs to reset their password and link to a spoofed login page.

Memory trick: Phishing = Fake message fishing for credentials.

Trick question tip: If the attack uses a message or link to steal login information think phishing.
31
Pharming and credentials
Pharming redirects users to a spoofed site so they may enter credentials into the wrong place.

Example: A user may type the correct website name but be redirected to a fake login page because of a DNS or redirection attack.

Memory trick: Pharming = Fake site through redirection.

Trick question tip: If the user is redirected to a spoofed site even when they think they went to the right place think pharming.
32
Spoofed site
A spoofed site is a fake website designed to look like a real trusted website.

Example: A spoofed login page may copy the appearance of a real service so users enter their credentials.

Memory trick: Spoofed site = Fake site wearing a real site’s clothes.

Trick question tip: If the question mentions a fake website pretending to be a trusted one think spoofed site.
33
Unsecure form
An unsecure form is a form that should not be trusted for entering sensitive credentials.

Example: A login form on a spoofed or suspicious page may collect usernames and passwords for an attacker.

Memory trick: Unsecure form = Do not type secrets there.

Trick question tip: If the question mentions users entering credentials into an unsafe form think credential theft risk.
34
System-enforced account policy
A system-enforced account policy automatically applies authentication rules to user accounts.

Example: The system can enforce minimum password length, password history, lockout thresholds, and other account rules.

Memory trick: System-enforced policy = The system makes users follow the rule.

Trick question tip: If the question mentions automatic requirements enforced by the system think system-enforced account policy.
35
Password length
Password length is the minimum or maximum number of characters allowed in a password.

Example: A policy may require passwords to be at least a certain number of characters long.

Memory trick: Password length = How long the password must be.

Trick question tip: If the question mentions minimum or maximum number of characters think password length.
36
Minimum password length
Minimum password length requires passwords to have at least a certain number of characters.

Example: A longer password or passphrase can be harder to guess or crack than a very short password.

Memory trick: Minimum length = Password cannot be too short.

Trick question tip: If the question asks what prevents short passwords think minimum password length.
37
Maximum password length
Maximum password length is the largest number of characters the system allows in a password.

Example: Some systems define both a minimum and maximum password length, though long passphrases are often encouraged when supported.

Memory trick: Maximum length = Password cannot be too long for the system.

Trick question tip: If the question mentions the upper character limit for passwords think maximum password length.
38
Password complexity
Password complexity requires passwords to follow character-type rules.

Example: A complexity rule may require uppercase letters, lowercase letters, numbers, and special characters.

Memory trick: Complexity = Mix character types.

Trick question tip: If the question mentions uppercase, lowercase, numbers, or non-alphanumeric characters think password complexity.
39
Non-alphanumeric character
A non-alphanumeric character is a character that is not a letter or number.

Example: Symbols such as punctuation marks can count as non-alphanumeric characters in a password complexity rule.

Memory trick: Non-alphanumeric = Symbol character.

Trick question tip: If the question mentions special characters or symbols in passwords think non-alphanumeric.
40
Username in password restriction
A username in password restriction prevents users from including their username inside the password.

Example: If the username is part of the password, the password may be easier to guess.

Memory trick: Do not put your account name in the secret.

Trick question tip: If the question mentions blocking the username from appearing inside the password think password complexity rule.
41
Password age
Password age controls when a password must be changed based on time.

Example: A policy may require a user to choose a new password after a set number of days.

Memory trick: Password age = How old the password can get.

Trick question tip: If the question mentions changing a password after a set number of days think password age.
42
Password aging
Password aging may allow the user to log in with the old password but then require an immediate password change.

Example: A user signs in after the aging period and is forced to choose a new password before continuing.

Memory trick: Aging = Old password still gets one last login then change.

Trick question tip: If the user can still log in but must immediately pick a new password think password aging.
43
Password expiration
Password expiration means the outdated password can no longer be used to sign in.

Example: If a password is expired, the account may effectively be disabled until the password is reset or changed through an allowed process.

Memory trick: Expiration = Old password no longer works.

Trick question tip: If the user cannot sign in with the outdated password think expiration.
44
Password aging vs expiration
Password aging may force a password change after login while expiration may prevent login with the outdated password.

Example: Aging lets the user authenticate and then immediately change the password. Expiration blocks sign-in with that old password.

Memory trick: Aging = Change after login. Expiration = Cannot login.

Trick question tip: If the question separates these terms remember aging may still permit login but expiration does not.
45
Password reuse
Password reuse means using the same password again for the same system or across different services.

Example: A user may reuse a work password on a personal shopping site, which creates risk if that outside site is breached.

Memory trick: Reuse = Same password in more than one place.

Trick question tip: If the question mentions using a work password elsewhere or choosing an old password again think password reuse.
46
Password history
Password history prevents users from reusing a certain number of previous passwords.

Example: If password history remembers the last several passwords, the user cannot immediately switch back to one of them.

Memory trick: Password history = Blocks old passwords.

Trick question tip: If the question mentions how many previous passwords are blocked think password history.
47
Password reuse and history policy
A password reuse and history policy prevents users from selecting passwords they have already used.

Example: The history setting controls how many previous passwords are remembered and blocked by the system.

Memory trick: History remembers so users cannot repeat.

Trick question tip: If the question mentions preventing repeated passwords think password history.
48
Minimum password age
Minimum password age prevents users from changing passwords repeatedly just to return to a preferred old password.

Example: Without minimum age, a user could change their password many times quickly until the old favorite password is allowed again.

Memory trick: Minimum age = No fast cycling back.

Trick question tip: If the question mentions stopping quick password cycling think minimum password age.
49
Password cycling
Password cycling is quickly changing passwords multiple times to bypass password history rules.

Example: A user might try to change their password several times in a row so they can reuse a favorite older password.

Memory trick: Password cycling = Speed-running back to the old password.

Trick question tip: If the question mentions rapidly changing passwords to reuse a previous one think password cycling.
50
Soft password policy
A soft password policy relies on user behavior and training rather than automatic system enforcement.

Example: Telling users not to reuse their work password on outside websites is a soft policy because the organization may not be able to technically enforce it everywhere.

Memory trick: Soft policy = User must follow it.

Trick question tip: If the organization can only train or instruct users rather than technically block the behavior think soft policy.
51
Traditional password best practices
Traditional password best practices often included complexity rules, password aging, and password hints.

Example: Older password policies often forced frequent password changes and required a mix of letters, numbers, and symbols.

Memory trick: Traditional password rules = Complex and changed often.

Trick question tip: If the question mentions older password policy habits think traditional password best practices.
52
Modern NIST password guidance
Modern NIST guidance deprecates some traditional password practices such as forced complexity, frequent aging, and password hints.

Example: Modern guidance generally favors stronger memorable passwords or passphrases and avoiding practices that cause users to choose weaker patterns.

Memory trick: Modern guidance = Longer memorable passwords over annoying rules.

Trick question tip: If the question mentions newer NIST guidance, be careful with automatic complexity, aging, and password hints because those may be deprecated.
53
Password hint
A password hint is a clue meant to help a user remember a password.

Example: Password hints can be risky because they may help attackers guess the password.

Memory trick: Password hint = Clue attackers may also read.

Trick question tip: If the question asks why password hints are discouraged think they can expose clues about the password.
54
Password policy and training
Password policy and training work together to reduce credential-based attacks.

Example: System rules can enforce some password requirements while training teaches users how to avoid phishing, spoofed sites, and unsafe password reuse.

Memory trick: Rules plus training protect credentials.

Trick question tip: If the question mentions both system-enforced requirements and user awareness think password policy and training.
55
Password manager
A password manager is an app or service that stores and manages passwords in a protected vault.

Example: A password manager can save different passwords for different accounts so the user does not have to reuse the same password everywhere.

Memory trick: Password manager = Secure password vault.

Trick question tip: If the question mentions storing many unique passwords in one protected place think password manager.
56
Password vault
A password vault is the protected storage area where a password manager keeps saved credentials.

Example: The vault may store usernames, passwords, account details, and other login information for different websites or services.

Memory trick: Vault = Locked storage for passwords.

Trick question tip: If the question mentions the protected storage area inside a password manager think password vault.
57
Master password
A master password is the main password used to unlock a password manager vault.

Example: The user may only need to remember one strong master password while the password manager stores unique passwords for many accounts.

Memory trick: Master password = One password to unlock the vault.

Trick question tip: If the question mentions the password that protects the whole vault think master password.
58
Weak master password risk
A weak master password can expose all passwords stored in the password manager vault.

Example: If an attacker guesses or steals the master password, they may gain access to many saved account credentials at once.

Memory trick: Weak master password = Weak vault lock.

Trick question tip: If the question asks for a major password manager risk think weak master password.
59
Password reuse risk
Password reuse risk happens when the same password is used for multiple accounts or services.

Example: If a personal website is breached and the user reused that password at work, attackers may try the same password against the corporate account.

Memory trick: Reused password = One breach can unlock more doors.

Trick question tip: If the question mentions using the same password for corporate and consumer sites think password reuse risk.
60
How password managers reduce reuse
A password manager reduces reuse by helping users create and store unique passwords for each account.

Example: Instead of remembering every password, the user remembers the master password and lets the manager store different strong passwords for each site.

Memory trick: Password manager = Unique passwords without memorizing all of them.

Trick question tip: If the question asks what helps users avoid reusing passwords think password manager.
61
Random password generation
Random password generation creates unpredictable passwords for accounts.

Example: When a user creates or updates an account, the password manager can generate a random password that meets the site’s length and complexity requirements.

Memory trick: Random generator = Strong password creator.

Trick question tip: If the question mentions creating unpredictable passwords automatically think random password generation.
62
Password generation parameters
Password generation parameters are settings that control the length and complexity of generated passwords.

Example: A user may adjust the password manager to create passwords with a certain number of characters, symbols, numbers, or uppercase and lowercase letters.

Memory trick: Parameters = Password recipe settings.

Trick question tip: If the question mentions adjusting generated password length or complexity think password generation parameters.
63
Browser password manager
A browser password manager stores and fills passwords through a web browser.

Example: Many browsers include built-in password management features that can save and autofill account credentials.

Memory trick: Browser password manager = Password vault inside the browser.

Trick question tip: If the question mentions a browser saving or filling passwords think browser password manager.
64
Operating system password manager
An operating system password manager stores credentials through the operating system’s built-in credential tools.

Example: Some operating systems include built-in credential storage that can save passwords or keys for apps and services.

Memory trick: OS password manager = Built into the device system.

Trick question tip: If the question mentions built-in credential storage from the operating system think operating system password manager.
65
Third-party password manager
A third-party password manager is a separate password manager app or service installed by the user or organization.

Example: A third-party password manager may use a browser extension or app to generate, store, and fill passwords.

Memory trick: Third-party manager = Separate password app.

Trick question tip: If the question mentions installing a password manager plug-in or separate service think third-party password manager.
66
Password manager browser plug-in
A password manager browser plug-in lets the password manager work with the user’s browser.

Example: The plug-in can detect login forms, offer to fill saved credentials, and help save new account passwords.

Memory trick: Browser plug-in = Password manager’s browser helper.

Trick question tip: If the question mentions an add-on, extension, or plug-in used to fill passwords think password manager browser plug-in.
67
Cloud password vault
A cloud password vault stores password manager data online so it can sync across devices.

Example: A user may access saved passwords from a laptop, phone, and tablet because the vault is stored through a cloud service.

Memory trick: Cloud vault = Passwords available across devices.

Trick question tip: If the question mentions accessing the vault on multiple devices think cloud password vault.
68
Local password vault
A local password vault stores password manager data only on the user’s device.

Example: Some password managers offer local-only storage so the vault is not synced through a cloud service.

Memory trick: Local vault = Passwords stay on the device.

Trick question tip: If the question mentions no cloud storage or only device-based storage think local password vault.
69
Cloud vault risk
A cloud vault risk is that the password manager vendor’s cloud storage or systems could be compromised.

Example: If attackers compromise the provider’s systems, they may try to access password vault data or attack the password manager service.

Memory trick: Cloud vault = Convenient sync but provider risk.

Trick question tip: If the question asks for a password manager risk involving the vendor think cloud storage or vendor system compromise.
70
Site identity validation
Site identity validation means checking that the website is legitimate before filling credentials.

Example: A password manager may validate the site identity using the website’s digital certificate before offering to fill a saved password.

Memory trick: Validate site before filling password.

Trick question tip: If the question mentions checking a site’s digital certificate before autofill think site identity validation.
71
Password autofill
Password autofill automatically enters saved credentials into a login form.

Example: When the user visits a saved site, the password manager may offer to fill the username and password.

Memory trick: Autofill = Manager types the password for you.

Trick question tip: If the question mentions automatically filling a login form think password autofill.
72
Autofill spoofing risk
Autofill spoofing risk happens when an attacker tries to trick a password manager into filling credentials on a fake site.

Example: A spoofed login page may try to look like a real website so the manager or user submits saved credentials to the wrong place.

Memory trick: Fake site plus autofill = Credential risk.

Trick question tip: If the question mentions a spoofed site tricking a manager into filling a password think autofill spoofing risk.
73
Digital certificate in password managers
A digital certificate can help a password manager verify a website’s identity before filling credentials.

Example: The password manager checks whether the site identity matches the saved login before presenting an option to fill the password.

Memory trick: Certificate check = Is this the right site?

Trick question tip: If the question mentions password managers validating site identity think digital certificate.
74
Password manager benefits
Password managers help users use strong unique passwords without needing to memorize each one.

Example: A password manager can generate random passwords, store them in a vault, and fill them only when the correct site is visited.

Memory trick: Password manager = Strong unique passwords made usable.

Trick question tip: If the question asks how to reduce weak passwords and password reuse think password manager.
75
Password manager risks
The main password manager risks are weak master passwords, vendor compromise, and spoofed-site impersonation attacks.

Example: A password manager is helpful, but it must be protected with a strong master password, and users still need to watch for fake login pages.

Memory trick: Manager risks = Weak master, vendor breach, fake site.

Trick question tip: If the question asks for password manager risks, remember weak master password, cloud/vendor compromise, and impersonation attacks.
76
Single-factor authentication
Single-factor authentication uses only one type of authentication factor.

Example: Logging in with only a password is single-factor authentication because it uses only something you know.

Memory trick: Single-factor = One proof only.

Trick question tip: If the login uses only one category, such as only a password, think single-factor authentication.
77
Why password-only authentication is weak
Password-only authentication is weak because password secrets are easy to steal, guess, reuse, or expose.

Example: A user may reuse a password on another site or enter it into a fake login page, which can let attackers access the account.

Memory trick: Password-only = One stolen secret breaks access.

Trick question tip: If the question asks why passwords alone are not reliable think password compromise risk.
78
Multifactor authentication (MFA)
Multifactor authentication (MFA) uses more than one type of authentication factor.

Example: A user may sign in with a password and then approve a login using a smartphone app or smart card.

Memory trick: MFA = Multiple factor types.

Trick question tip: If the question asks for more than one type of proof think MFA.
79
MFA requirement
MFA requires different categories of authentication factors, not just multiple pieces from the same category.

Example: A password plus a PIN is stronger than one password alone, but both are something you know, so it is not true MFA.

Memory trick: MFA = Different factor families.

Trick question tip: If both factors are knowledge-based, such as PIN and date of birth, do not call it multifactor.
80
Two-factor authentication (2FA)
Two-factor authentication (2FA) uses exactly two different authentication factor types.

Example: A smart card plus a PIN is 2FA because the smart card is something you have and the PIN is something you know.

Memory trick: 2FA = Two factor types.

Trick question tip: If the question says exactly two factors are involved think 2FA.
81
MFA vs 2FA
MFA means two or more different factor types, while 2FA means exactly two factor types.

Example: Password plus smart card is 2FA and also MFA. Password plus smart card plus fingerprint is MFA with more than two factors.

Memory trick: 2FA is a type of MFA.

Trick question tip: If there are exactly two factor types choose 2FA. If there are two or more factor types choose MFA.
82
Something you have
Something you have is an authentication factor based on an object the account holder possesses.

Example: A smart card, key fob, security token, or smartphone can be something you have.

Memory trick: Something you have = Physical or owned proof.

Trick question tip: If the user must possess a card, phone, token, or device, think something you have.
83
Ownership factor
An ownership factor is another name for something you have.

Example: A smartphone that receives or generates a login code is an ownership factor because the user must possess the phone.

Memory trick: Ownership factor = Proof you own or possess it.

Trick question tip: If the question uses ownership factor think something you have.
84
Smart card
A smart card is a physical card used as an ownership factor for authentication.

Example: A user may insert or tap a smart card and enter a PIN to authenticate with two different factor types.

Memory trick: Smart card = Card you have.

Trick question tip: If the question mentions a card used with a PIN for login think smart card and 2FA.
85
Key fob
A key fob is a small device used as an ownership factor for authentication.

Example: A key fob may generate a temporary code that the user enters during login.

Memory trick: Key fob = Tiny login token.

Trick question tip: If the question mentions a small device that generates authentication codes think key fob.
86
Smartphone authentication factor
A smartphone can be an ownership factor when it receives or generates authentication tokens.

Example: A user may receive a push notification or generate a temporary code on a phone during login.

Memory trick: Phone factor = Device you have.

Trick question tip: If the question mentions receiving or generating a token on a phone think something you have.
87
Cryptographic token
A cryptographic token is a value generated or received by an authentication device to help prove possession.

Example: A smartphone or key fob may generate a temporary code used during the login process.

Memory trick: Token = Temporary proof code.

Trick question tip: If the question mentions generated or received login codes think cryptographic token.
88
Something you are
Something you are is an authentication factor based on a biometric or inherence characteristic.

Example: Fingerprints, facial scans, iris scans, and gait patterns can be used as something you are.

Memory trick: Something you are = Body or behavior proof.

Trick question tip: If the factor is based on a physical or behavioral trait think something you are.
89
Biometric factor
A biometric factor uses a physical or behavioral identifier to authenticate a user.

Example: A fingerprint scan, facial recognition, or gait pattern can be used as a biometric factor.

Memory trick: Biometric = Body-based identity.

Trick question tip: If the question mentions fingerprints, face scans, or behavior patterns, think biometric factor.
90
Inherence factor
An inherence factor is another name for something you are.

Example: A fingerprint is an inherence factor because it is tied to the user’s physical identity.

Memory trick: Inherence = Part of who you are.

Trick question tip: If the question uses inherence factor think biometric or something you are.
91
Physiological biometric
A physiological biometric uses a physical body characteristic.

Example: Fingerprints, facial scans, iris scans, and palm prints are physiological biometrics.

Memory trick: Physiological = Physical body trait.

Trick question tip: If the biometric is based on a body part or physical feature think physiological biometric.
92
Behavioral biometric
A behavioral biometric uses a pattern in how someone behaves or moves.

Example: Gait, typing rhythm, voice pattern, or the way someone uses a device may be behavioral biometric signals.

Memory trick: Behavioral = How you act or move.

Trick question tip: If the biometric is based on behavior, movement, or patterns over time, think behavioral biometric.
93
Gait
Gait is the way a person walks or moves and can be used as a behavioral biometric.

Example: A system may analyze someone’s walking pattern as part of identity verification.

Memory trick: Gait = Walking pattern.

Trick question tip: If the question mentions movement or walking style as authentication think gait.
94
Biometric template
A biometric template is a stored reference pattern created from a biometric scan.

Example: A fingerprint scan may be recorded as a template so future fingerprint scans can be compared to it.

Memory trick: Template = Stored biometric reference.

Trick question tip: If the question mentions recording biometric identifiers for later comparison think biometric template.
95
Biometric authentication process
Biometric authentication compares a new scan to a stored biometric template.

Example: A user scans their face during login and the system compares the scan to the stored face template.

Memory trick: Scan now, compare to template.

Trick question tip: If the question mentions scanning and comparing to a stored pattern think biometric authentication.
96
Somewhere you are
Somewhere you are is an authentication factor based on location.

Example: A system may consider the user’s geographic location, IP address, network segment, physical port, VLAN, or Wi-Fi network during authentication.

Memory trick: Somewhere you are = Location proof.

Trick question tip: If the authentication decision uses location or network location think somewhere you are.
97
Location-based authentication
Location-based authentication uses location information as part of an authentication or access decision.

Example: A remote login from an unexpected country may be denied or given fewer privileges even if the password is correct.

Memory trick: Location-based authentication = Where are you logging in from?

Trick question tip: If the question mentions country, IP address, geolocation, network segment, VLAN, Wi-Fi, or physical port, think location-based authentication.
98
Geographic location factor
A geographic location factor uses a device’s location service or geolocation data.

Example: A system may detect that a login attempt is coming from a country the user does not normally access from.

Memory trick: Geographic factor = Map location.

Trick question tip: If the question mentions city, country, GPS, or geolocation service, think geographic location factor.
99
IP address location factor
An IP address location factor uses the device’s network address to support authentication decisions.

Example: A user’s IP address may identify a logical network segment or be mapped to an approximate geographic location.

Memory trick: IP location = Network address clue.

Trick question tip: If the question mentions IP, network address, or location from IP, think IP address location factor.
100
Premises network location
Premises network location uses local network details as part of an authentication or access decision.

Example: A system may use the physical switch port, VLAN, or Wi-Fi network to help determine where the user is connecting from.

Memory trick: Premises location = Where inside the network.

Trick question tip: If the question mentions physical port, VLAN, or Wi-Fi network as location clues, think premises network location.