Tuesday, January 18, 2011

CompTIA Security+ Exam Objectives 3.7


3.7 Authentication Models

When it comes to authentication, there are various models that can be used to prove a user’s claimed identity. All of them are still in use, though some are far more common than others. Know each one, how they differ, and the type of system each is most often used on.

·         Biometric reader – Biometric readers are hardware that scans a physical characteristic of the user (a fingerprint, the iris, hand geometry, and so on) and compares it with a stored template to authenticate. The hardware is built to scan a specific body part that serves as the piece of identification. Biometric readers have drawbacks: a false rejection rate (FRR, legitimate users turned away) and a false acceptance rate (FAR, impostors let in). Tightening the reader lowers one rate and raises the other; the point where they are equal is the crossover error rate (CER), the usual figure for comparing readers.

·         RADIUS – Remote Authentication Dial-In User Service, better known as RADIUS, is a networking protocol (UDP; ports 1812/1813 today, 1645/1646 on older deployments) that provides centralized authentication, authorization, and accounting (AAA) for computers that connect to and use a network service. RADIUS is often used by ISPs and enterprises to control access to dial-up, DSL, wireless (802.1X/WPA-Enterprise), VPN, and other network services. Keep in mind that RADIUS hides only the User-Password attribute, using a shared secret known to the access server and the RADIUS server; the rest of each packet travels in the clear, so the path between the two servers should itself be protected.

·         RAS – Remote Access Service is a combination of software and hardware that lets remote users reach resources hosted on a network, typically over dial-up or VPN connections. A RAS server multiplexes many communication channels into a single point of entry: you will have multiple machines connecting to a single resource, or a single machine connecting to various resources. RAS servers can provide both virtual and physical resources. Microsoft's Routing and Remote Access Service (RRAS) is the common example; it can authenticate remote users itself or hand authentication off to a RADIUS server.

·         LDAP – Lightweight Directory Access Protocol. The current version is LDAPv3 (RFC 4511), and it is used to query and modify data held in a directory service (Active Directory or OpenLDAP, for example) over an IP network. Applications commonly authenticate users by performing an LDAP "bind" with the user's distinguished name and password, so the connection should be protected with TLS (LDAPS on port 636, or StartTLS on the standard port 389); a simple bind over plain LDAP sends the password in cleartext.

·         Remote access policies – Remote access policies are the sets of rules that define whether a connection attempt is authorized or rejected. Each rule consists of conditions (for example, group membership, time of day, or connection type), a remote access permission setting (allow or deny), and profile settings. When a connection is authorized, the matching policy also applies a set of connection restrictions, such as session time limits, permitted authentication methods, and required encryption strength.

·         Kerberos – Kerberos is an authentication protocol that gives users single sign-on to a network. It relies on a Key Distribution Center (KDC), made up of an Authentication Service (AS) and a Ticket-Granting Service (TGS). The KDC authenticates the user or program and issues a ticket-granting ticket (TGT); the client then presents the TGT to obtain service tickets, which it uses to authenticate to other services and hosts without re-entering a password. Tickets carry timestamps and lifetimes, so Kerberos depends on the clocks of all participants being closely synchronized. Kerberos is very widely used; it is the default authentication protocol in Windows Active Directory domains.

·         CHAP – Challenge Handshake Authentication Protocol verifies a user’s or program’s identity by challenging it. The authenticator sends a random challenge, the peer replies with an MD5 hash of the CHAP identifier, the shared secret, and the challenge, and the authenticator compares that against its own calculation; the secret itself never crosses the link. CHAP is an improvement on PAP because of this one-way hashing, and it uses a three-way handshake (challenge, response, success/failure) rather than PAP's simple two-way exchange. The authenticator may repeat the challenge at any time during the session, which defeats replay of a captured response and session hijacking. Two caveats: the authenticator must hold the secret in recoverable form to recompute the hash, and a captured challenge/response pair can be attacked offline with a dictionary of candidate secrets.

·         PAP – Password Authentication Protocol does not provide real security, but it is still used to authenticate. It is known for its simplicity: the user name and password are sent across the link in cleartext in a two-way exchange (Authenticate-Request, answered by Authenticate-Ack or Authenticate-Nak), and the user is validated by password before any access is granted. Anyone able to capture the traffic captures the password.
Mutual authentication, 802.1X, remote authentication, and TACACS (along with Cisco's later TACACS+) are also important in this section. Be aware of them and make note of how each provides authentication.
