What is Authentication?
Proving you are who you say you are
What is Authorization?
What do you have permission to do?
What is Accounting?
Keeping records of any change made to a system, as well as tracking who made those changes and when
RADIUS
Remote Authentication Dial-In User Service
Industry Standard for managing AAA requirements
User will connect to a Remote Access Server (outside the network), this Remote Access Server will then communicate with a RADIUS server (within the network) and verify that the supplied credentials are correct
In modern topologies, Wireless AP’s can act as external Remote Access Servers
TACAS
Terminal Access Controller Access - Control System
CISCO Proprietary Protocol for managing AAA requirements
Access Client (in the context of RADIUS)
The user who is asking for a connection to the network, communicates with the RADIUS Client
RADIUS Client
The device which communicates with the internal RADIUS server on behalf of the Access Client
-
Security Control Categories6
-
Security Control Types8
-
Principals of Security7
-
Authentication Factors2
-
Authorization and Access Control Models5
-
Authentication, Authorization, Accounting7
-
Principals of Zero Trust6
-
Deception and Disruption Technologies2
-
Business Processes and Security Operations8
-
Encryption Solutions9
-
Public Key Infrastructure (PKI)7
-
Examining Digital Certificates10
