
46     Chapter 1 • General Security Concepts: Access Control, Authentication, and Auditing

             Authentication


                   Kerberos is a multi-platform authentication method that requires tickets
                      (tokens) and a KDC. It exists as a realm in most platforms, and is utilized
                      in the domain environment in Windows Active Directory structures.
                   CHAP can utilize a shared secret, and uses a one-way hash to protect the
                      secret.

                   Certificates require a CA, which is used to create the digital certificates
                      used for digital signatures, mutual identification, and verification.

                   Username/password is the most basic security usage, and is available in
                      most platforms.
                   Tokens are hardware and software devices for random generation of
                      passcodes to further secure the authentication process.
                   Multi-factor authentication is the use of more than one type of
                      authentication concurrently to strengthen the authentication process, such
                      as requiring a card and PIN together.
                   Mutual authentication consists of using various methods to verify each
                      party to the transaction to the other.

                   Biometrics is used with devices that have the ability to authenticate
                      something you already have, such as a fingerprint or retinal image.


             Auditing


                   An auditing policy must be established and evaluated to determine what
                      resources or accesses need to be tracked.
                   Audit information is usually retained in log files, which may be used to
                      track paths and violations. Good logging may be used for prosecution,
                      if necessary.
                   It is important that someone is responsible for viewing and analyzing
                      the logs regularly.


             Removing Non-essential Services


                   Remove unused and unneeded components from servers, network
                      components, and workstations, including functions such as DNS and
                      DHCP.




          www.syngress.com