ITT Technical Institute, Tampa FL
Instructor: David Marquez
17 April, 2014
1. What are the three major categories used to provide authentication of an individual?
a) something you know (e.g., a password)
b) something you have (e.g., a certificate with associated private key or smart card)
c) something you are (a biometric)
2. What is Authorization and how is this concept aligned with Identification and Authentication?
a) Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset.
b) Authorization is what takes place after a person has been both identified and authenticated; it’s the step that determines what a person can then do on the system.
3. Provide at least 3 examples of Network Architecture Controls that help enforce data access policies at the LAN-to-WAN Domain level.
a) Firewalls: Controls the traffic flow between a trusted network and an untrusted network. Usually firewalls are used to protect the boundaries of a network.
b) Access control lists (ACL): Include restrictions on inbound and outbound connections, as well as connections between LAN segments internal to the site/enclave.
c) Logical IDS: Network and workstation mechanisms that monitors network traffic and provide real-time alarms for network-based attacks Service Network.
4. When a computer is physically connected to a network port, manual procedures and/or an automated method must exist to perform what type of security functions at the Network Port and Data Switch level for access control? Name and define at least three.
a) Physical Security - Is intended to detect and deter unauthorized personnel from gaining access.
b) Logical Network Port Security – Implemented by configuring the network switch such that specific ports accept connections from one or more specific MAC address (es). Only a device configured with the authorized MAC address is allowed to access that network port.