Download presentation
Presentation is loading. Please wait.
Published byRoberta Anthony Modified over 8 years ago
1
Understand User Authentication LESSON 2.1A 98-367 Security Fundamentals
2
LESSON 2.1A Lesson Overview In this lesson you will learn about the principles of authentication methods. 1. What the user knows 2. What the user has 3. What the user is
3
98-367 Security Fundamentals LESSON 2.1A Authentication Methods Passwords User IDs Biometrics o Facial scanners o Iris scanners o Voice recognition o Fingerprint readers o Hand scanners o Signature scan
4
98-367 Security Fundamentals LESSON 2.1A Authentication Methods (continued) Two-factor authentication o Smart cards o USB tokens o Digital certificates
5
98-367 Security Fundamentals LESSON 2.1A Active Directory Domain Services (AD DS) Formerly known as Active Directory ® Directory Services Central location for configuration information, authentication requests, and information about all of the objects that are stored within your forest Used to efficiently manage users, computers, groups, printers, applications, and other directory-enabled objects from one secure, centralized location
6
98-367 Security Fundamentals LESSON 2.1A Kerberos A network authentication protocol Designed to provide strong authentication for client/server applications by using secret-key cryptography Massachusetts Institute of Technology Massachusetts Institute of Technology A free implementation of this protocol is available from the Massachusetts Institute of Technology Massachusetts Institute of Technology Available in many commercial products as well
7
98-367 Security Fundamentals LESSON 2.1A Lightweight Directory Access Protocol (LDAP) A directory service protocol that runs on a layer above the TCP/IP stack Provides a mechanism used to connect to, search, and modify Internet directories The LDAP directory service is based on a client-server model The function of LDAP is to enable access to an existing directory
8
98-367 Security Fundamentals LESSON 2.1A Remote Authentication Dial-In User Service (RADIUS) A widely deployed protocol enabling centralized authentication, authorization, and accounting for network access Originally developed for dial-up remote access Now supported by virtual private network (VPN) servers, wireless access points, authenticating Ethernet switches, digital subscriber line (DSL) access, and other network access types The general structure of a RADIUS packet:
9
98-367 Security Fundamentals LESSON 2.1A TACACS Authentication Scheme Uses a secret key to encrypt the authentication request This key must be identically configured in both the Forefront UAG and the TACACS authentication server
10
98-367 Security Fundamentals LESSON 2.1A Practice Summarize the key points in a brief discussion of each of the following concepts: 1. Strong passwords 2. Single sign-on 3. Dumpster diving 4. Spoofing 5. Social engineering 6. Phishing 7. Pharming
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.