Exam 16: User Authentication

the __________ is an entity that verifies the claimant's identity by verifying the claimant's possession and control of one or two authenticators using an authentication protocol.

One way to counter suppress-replay attacks is to enforce the requirement that parties regularly check their clocks against the KDC's clock.

A __________ is a random value to be repeated in a message to assure that the response is fresh and has not been replayed by an opponent.

SSO enables a user to access all network resources after a single authentication.

the simplest replay attack is one in which the opponent simply copies a message and replays it later.

the credential service provider is a trusted entity that issues or registers subscriber authenticators.

User __________ is the process of determining whether some user or some application or process acting on behalf of a user is, in fact, who or what it declares itself to be.

__________ is an extension of identity management to multiple security domains such as autonomous internal business units, external business partners and other third party applications and services with the goal of sharing digital identities so that a user can be authenticated a single time and then access applications and resources across multiple domains.

____________ technology provides access control for systems by checking to see if a user's credentials match the credentials in a database of authorized users or in a data authentication server.

____________ authentication involves a single transfer of information from one user (A) intended for another (B).

__________ are items that connect to a computer logically or physically in order to authenticate identity.

__________ assign attributes to users, such as roles, access permissions, and employee information.

A subject undergoing the processes of enrollment and identity proofing is the __________ .

Inherence factor is something the individual is or does.

there are a variety of problems including dealing with false positives and false negatives, user acceptance, cost, and convenience with respect to biometric authenticators.

Multifactor authentication is generally no more secure than single factor authentication.

An entity that relies upon the subscriber's authenticator(s) and credentials or a verifier's assertion of a claimant's identity, typically to process a transaction or grant access to information or a system is the __________ .

the __________ is a data structure that authoritatively binds an identity and additional attributes to one or more authenticators possessed by a subscriber, and can be verified when presented to the verifier in an authentication transaction.

the clocks among the various participants are not required to be synchronized when using the timestamp approach.

Identity federation is in essence an extension of identity management to multiple security domains.