Authentication

Authentication is the process by which credentials are presented and validated to enable access. There are a number of different methods of authentication. Passwords are the most common type of authentication and are usually coupled with user identification (user IDs). Tokens and certificates are often used in place of passwords to provide a higher level of security. Tokens can contain unique identifiers (e.g., digital signatures or keys). Tokens can also store biometric data—for example, fingerprints.

Authentication methods can be combined in several ways. Higher levels of security are generally associated with more levels of authentication (multifactor). For example, two-factor authentication might include a token and a password. Kerberos is an authentication protocol made up of two components: a ticket (distributed by a service) for user authentication and a key that is derived from the user's password. Another authentication scheme is the Challenge-Handshake Authentication Protocol (CHAP), which uses a representation (hash) of the user's password to authenticate.

Check Your Knowledge

Choose the best answer to each question:
Question 1
Which of the following is the least secure password that can be enhanced by the use of a token to supply better security?
one-time password
static password
dynamic password
passphrase password
Question 2
When a message is encrypted, it provides for which of the following?
confidentiality
nonrepudiation
authentication
authorization
Question 3
If you digitally sign a message, which of the following are covered?
authentication
nonrepudiation
integrity
all of the above
Question 4
When employees access the company network via remote access, which of the following provides the most reliable authentication?
virtual private networks
synchronous token with a one-time password
asynchronous token with a one-time password
both synchronous tokens and asynchronous tokens with one-time passwords
Question 5
Point-to-point authentication protocols include which of the following?
EAP (Extensible Authentication Protocol)
CHAP (Challenge Handshake Authentication Protocol)
PAP (Password Authentication Protocol)
all of the above
Question 6
If a password is disclosed giving a hacker unauthorized access to all of a user's system assets, this would be a danger of which of the following user access options?
single sign-on
single-use passwords
strong passphrases
multifactor authentication
Question 7
Two-factor authentication is widely used for access control because of which of the following?
It is biometric in nature.
It uses single-factor authentication.
It requires more than one proof of identity for users.
all of the above
Question 8
Which of the following provides for integrity and originality of a message and is often accepted just as a handwritten signature?
public and private key signatures
digital signatures
crypto signature
multifactor signature
Question 9
When working with a biometric authentication system, there are instances where valid subjects are falsely rejected. This is defined as which of the following?
false acceptance rate (FAR) or type II error
false authentication rate (FAR) or type I error
false refusal rate (FRR) or type II error
false rejection rate (FRR) or type I error
Question 10
Complete this sentence: ___________ is an open source authentication protocol, and it uses ____________ to encrypt and decrypt keys.
ElGamal/cryptography
Kerberos/public key
Kerberos/passwords
ElGamal/private key
Question 11
CHAP, the protocol that uses a three-way handshake to protect passwords, stands for which of the following?
Challenge Handshake Application Protocol
Challenge Handshake Authority Protocol
Challenge Handshake Authentication Protocol
Challenge Handshake Authorization Protocol
Question 12
Which of the following is a method commonly used for asserting the origination of data or a message with reasonable certainty?
digital certificates
encryption
CHAP
all of the above
Question 13
All of the following are in the three categories of authentication except:
something the user knows
something the user previously owned
something the user is
something the user has
Question 14
When two or more factors can be verified for a user in order to verify authentication, this concept is called which of the following?
multifactor authentication
two-factor authentication
strong authentication
all of the above
Question 15
Within the area of three factors for authentication, a password falls under which category?
something the user knows
something the user has
something the user is
something the user created