IS3230 Lab 5
ITT Technical Institute, Tampa FL
Instructor: David Marquez
17 April, 2014
1. What are the three major categories used to provide authentication of an individual?
a) something you know (e.g., a password)
b) something you have (e.g., a certificate with associated private key or smart card)
c) something you are (a biometric)
2. What is Authorization and how is this concept aligned with Identification and Authentication?
a) Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset.
b) Authorization is what takes place after a person has been both identified and authenticated; it’s the step that determines what a person can then do on…show more content… This standard provides for user/device authentication as well as distribution and management of encryption keys.
5. What is a Network Access Control (NAC) System? Explain its benefits in securing access control to a network.
a) NAC is a networking solution for wired and Wi-Fi connections that identifies potential problems on a computer before it accesses the network. NAC uses a set of protocols to define and implement a policy that describes how to secure access to network nodes by devices when they initially attempt to access the network.
b) A benefit of NAC is the ability to control access to a network access to the LAN without putting the network in danger. Based on a computer's credentials and the software installed on it, a NAC system may give it full access to the LAN, deny it any access, or give it partial access.
6. Explain the purpose of a Public Key Infrastructure (PKI) and give an example of how you would implement it in a large organization whose major concern is the proper distribution of certificates across many sites.
a) A PKI (public key infrastructure) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
b) Work with one of the globally trusted roots, Cybertrust, to deploy a CA on your premises that is subordinate to a Cybertrust root CA. You can build and