Upgrade to remove ads
Only $2.99/month

Chapter 9 short answer

Terms in this set (10)

List two major access control models
Mac,dac,rbac
Describe the two key elements of the MAC model
Labels to represent the relative importance of the object and subjects are assigned a privilege label
Describe the lattice model
Multiple lattices can even be placed beside each other to allow for different groups of labels
Describe the bell lapadula model
This protection prevents subjects from creating a new performing specific functions on objects that are at a lower level then their own
Discuss the two significant weaknesses of DAC
DAC poses risks in that it relies on decisions by the end user to set the proper level of security. Also subjects permissions will be inherited by any programs that the subject executes
List two of the most common types of authentication and AA servers
AAA servers are radius Kerberos TACACS ,lightweight directory access protocol or LDAP
List the steps for radius authentication with a wireless device in an 802.1x network
Step one last device called the supplicant sends a request on an AP requesting permission to join the WLAN the AP prompt the user for user ID and password
Step to the AP serving as the authenticator will except or reject the wireless device create a data package from this information called the authentication request
Step three when it authentication request is received the radius server validates that the request is from an approved AP and then decrypt the DataPacket to access the username and password information this information is passed on to the appropriate security user database
Step four if the username and password are correct the radius server sends an authentication acknowledgment that includes information on the users network system and service requirements
Step five if accounting is also supported by the radius server and entry is started on the accounting database
Step six once the server information is received and verified by the AP enables the necessary configuration to deliver the wireless services to the user
Discuss how Kerberos works
It's typically use when a user attempt to access the network service and that network service requires authentication. The user is issued a ticket by ther Kerberos authentication server
Discuss the differences between DAP and LDAP
DAP requires special software to access the network
LDAP HAS SIMILAR FUNCTION MAKING IT EASIER AND LESS EXPENSIVE AND IT ALSO ENcodes IT'S CRITICAL ELEMENTS in a less complex way
Describe LDAP injections attacks
These attacks are similar to SQL injection attacks when user input is not properly filtered and this may allow an attacker to construct LDAP statement based on user input
THIS SET IS OFTEN IN FOLDERS WITH...