CompTIA Security+ Domain 4 Exam
100% Correct!
Authorization - ANSWERSaccess resources based on proven identity
Accounting - ANSWERStrack user activity and record activity in logs
Authenticaion - ANSWERSproviding Identity
ex: password
Identification - ANSWERSclaiming an identity
ex: username
Authentication Factors - ANSWERSSomething you know, something you are,
something you have, somewhere you are, something you do.
Something you Know - ANSWERSrefers to a shared secret- least secure form of
authentication
Password Complexity - ANSWERSUppercase
Lowercase
Numbers
Special Characters
Password Length-14
Something You Have - ANSWERSrefers to something physically held
Smart Cards - ANSWERSCredit card sized card containing a microchip for data storage
and processing.
Somewhere you are - ANSWERSidentifies a user's location
Something you do - ANSWERSrefers to actions you can take such as gestures on a
touch screen
Something You Are - ANSWERSuses biometrics for authentication
Federation - ANSWERSA formal association containing many individual groups
Federated Identity Management - ANSWERSAn arrangement that can be made among
multiple enterprises that lets subscribers use the same identification data to obtain
access to the networks of all enterprises in the group
, Single sign-on - ANSWERSA gateway service that permits users to log in once with a
single user ID and password to gain access to multiple software applications.
Transitive Trust - ANSWERSA trust relationship between two or more domains in a tree,
in which each domain has access to objects in the others.
LDAP - ANSWERSspecifies formats and methods to query directories- based on earlier
version of X.500
Kerberos - ANSWERSnetwork authentication mechanism used with Active Directory
domains and some Unix ralms
Kerberos Requirements - ANSWERSA method of issuing tickets used for authentication
Time Synchronization
Database of subjects or users
TACACS+ - ANSWERSCisco alternative to RADIUS; used for
remote access and authentication with routers and other network devices; uses
multiple challenges and responses between the client and the server; encrypts the
entire authentication process; uses TCP
CHAP - ANSWERSused to provide authentication by using the user's password to
encrypt a challenge string of random numbers
PAP - ANSWERSused to provide authentication but not secure since it transmits login
credentials in plaintext
MS-CHAP - ANSWERSMicrosoft's variation of the Challenge Handshake Authentication
Protocol
that uses a slightly more advanced encryption protocol.
Deprecated
MS-CHAPv2 - ANSWERSAn improvement over MS-CHAP which includes mutual
authentication.
SAML - ANSWERSused to exchange authentication and authorization information
between different parties
- SSO for web-based applications.
Roles Defined By SAML - ANSWERSPrincipal
Identity Provider
Service Provider
OAuth - ANSWERSopen standard for authorization many companies use to provide
secure access to protected resources
100% Correct!
Authorization - ANSWERSaccess resources based on proven identity
Accounting - ANSWERStrack user activity and record activity in logs
Authenticaion - ANSWERSproviding Identity
ex: password
Identification - ANSWERSclaiming an identity
ex: username
Authentication Factors - ANSWERSSomething you know, something you are,
something you have, somewhere you are, something you do.
Something you Know - ANSWERSrefers to a shared secret- least secure form of
authentication
Password Complexity - ANSWERSUppercase
Lowercase
Numbers
Special Characters
Password Length-14
Something You Have - ANSWERSrefers to something physically held
Smart Cards - ANSWERSCredit card sized card containing a microchip for data storage
and processing.
Somewhere you are - ANSWERSidentifies a user's location
Something you do - ANSWERSrefers to actions you can take such as gestures on a
touch screen
Something You Are - ANSWERSuses biometrics for authentication
Federation - ANSWERSA formal association containing many individual groups
Federated Identity Management - ANSWERSAn arrangement that can be made among
multiple enterprises that lets subscribers use the same identification data to obtain
access to the networks of all enterprises in the group
, Single sign-on - ANSWERSA gateway service that permits users to log in once with a
single user ID and password to gain access to multiple software applications.
Transitive Trust - ANSWERSA trust relationship between two or more domains in a tree,
in which each domain has access to objects in the others.
LDAP - ANSWERSspecifies formats and methods to query directories- based on earlier
version of X.500
Kerberos - ANSWERSnetwork authentication mechanism used with Active Directory
domains and some Unix ralms
Kerberos Requirements - ANSWERSA method of issuing tickets used for authentication
Time Synchronization
Database of subjects or users
TACACS+ - ANSWERSCisco alternative to RADIUS; used for
remote access and authentication with routers and other network devices; uses
multiple challenges and responses between the client and the server; encrypts the
entire authentication process; uses TCP
CHAP - ANSWERSused to provide authentication by using the user's password to
encrypt a challenge string of random numbers
PAP - ANSWERSused to provide authentication but not secure since it transmits login
credentials in plaintext
MS-CHAP - ANSWERSMicrosoft's variation of the Challenge Handshake Authentication
Protocol
that uses a slightly more advanced encryption protocol.
Deprecated
MS-CHAPv2 - ANSWERSAn improvement over MS-CHAP which includes mutual
authentication.
SAML - ANSWERSused to exchange authentication and authorization information
between different parties
- SSO for web-based applications.
Roles Defined By SAML - ANSWERSPrincipal
Identity Provider
Service Provider
OAuth - ANSWERSopen standard for authorization many companies use to provide
secure access to protected resources
