
CISSP Notes

The document discusses various concepts related to authentication including false rejection and acceptance rates, keystroke dynamics, AAA authentication, single sign-on protocols, kerberos tickets, password cracking techniques like rainbow tables, one-time passwords, honey pots, and TEMPEST rooms for shielding device emanations. The key points are that the crossover error rate should be as low as possible, kerberos uses symmetric keys for single sign-on, and honey pots and TEMPEST rooms are used to study hackers and shield devices.

FRR, False Rejection Rate: Type 1 error

FAR, False Accept Rate: Type 2 error

The point where the two rates intersect is the Crossover Error Rate (CER), also called the Equal Error Rate (EER). The CER should be as low as possible.

Keystroke dynamics:

- Dwell time: the time a key is held down

- Flight time: the time between pressing two keys

AAA: who you are, what you’re allowed to do and tracking what you’re doing

Best practice: RADIUS for normal users and TACACS authentication for admins

SSO: the user logs on to the network system once and is not prompted to authenticate again; access is based on access control levels

Kerberos is a protocol for SSO; it uses symmetric keys

TGT: Ticket Granting Ticket

KERBEROS SYSTEM
SESAME: multi-vendor, symmetric and asymmetric

Rainbow table: tries to discover a password by comparing passwords

OTP: one time password

Honey pots: fake servers/resources that are made easy targets for hackers, used to better understand the origin of attacks.

TEMPEST room: shields any kind of emanation from devices
