Security+ Guide to Network Security Fundamentals

  • Notes
  • 9
  • 100% (2) 2 out of 2 people found this document helpful

This preview shows page 5 - 7 out of 9 pages.

5. Note that cognitive biometrics is related to the perception, thought process, and understanding of the user. 6. Explain that cognitive biometrics is considered to be much easier for the user to remember because it is based on the user’s life experience and it is very difficult for an attacker to imitate. Quick Quiz 1 1. A(n) ____ is a secret combination of letters, numbers, and/or characters that only the user should know. Answer: password 2. The ____ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %. Answer: hybrid 3. True or False: A token is typically a small device (usually one that can be affixed to a keychain) with a window display. Answer: True 4. True or False: Cognitive biometrics is considered to be much more difficult for the user to remember. Answer: False Single Sign-On 1. Explain that one of the problems facing users today is the fact that they have multiple accounts across multiple platforms that all ideally use a unique username and password. 2. Explain that the idea behind identity management is to have one username and password to gain access to all accounts so that the user only has one username and password to remember. 3. Note that when networks are owned by different organizations, it is called federated identity management (FIM). Teaching Tip Ensure that students understand the difference between type I and type II errors in biometric authentication systems.
Image of page 5

Subscribe to view the full document.

Security+ Guide to Network Security Fundamentals, Fourth Edition 10-6 4. Discus single sign-on (SSO), which is one application of FIM. Windows Live ID 1. Discuss Windows Live ID, which requires a user to create a standard username and password. 2. Explain that although Windows Live ID was originally designed as a federated identity management system that would be used by a wide variety of Web servers, because of security issues and privacy concerns, Windows Live ID received limited support. OpenID 1. Explain that OpenID is a decentralized open source FIM that does not require specific software to be installed on the desktop. 2. Note that OpenID is a Uniform Resource Locator (URL)-based identity system. 3. Discuss the steps for creating and using OpenID: a. The user goes to a free site that provides OpenID accounts, such as MyOpenID.com, and creates an account with a username (Me) and password. The user is then given the OpenID account of Me.myopenid.com. b. When the user visits a Web site like BuyThis.com that requires him to sign in, he can instead choose to use OpenID. He simply enters his OpenID URL, Me.myopenid.com. c. BuyThis.com redirects him to MyOpenID.com where he is required to enter his password to authenticate himself and indicate he trusts BuyThis.com with his identity. d. MyOpenID.com sends him back to BuyThis.com, where he is now authenticated. 4. Discuss the weaknesses of OpenID. Open Authorization (OAuth) 1. Explain that Open Authorization (OAuth) is a technology to avoid using multiple passwords similar to OpenID.
Image of page 6
Image of page 7
You've reached the end of this preview.
  • '
  • NoProfessor
  • Identity Management, Network Security Fundamentals, OpenID, Security+ Guide

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern