  1. 802.1X and EAP
    1. IEEE 802.1X
      1. An IEEE Standard for port-based Network Access Control (PNAC).
      2. It is part of the IEEE 802.1 group of networking protocols.
      3. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.
      4. Describe the three components of an 802.1X connection:
        1. Supplicant:
          1. A client on a device; also called an Authentication Agent.
        2. Authenticator:
          1. A WAP or switch that approves the user's provided password
        3. AAA Server:
          1. RADIUS, Diameter, or TACACS+ server
      5. List the four steps involved in the AAA (802.1X) authentication process:
        1. Initialization:
          1. When a switch or AP detects a new supplicant, the port is enabled for 802.1X traffic only; all other traffic is dropped.
        2. Initiation:
          1. The authenticator periodically sends EAP requests to a MAC address on the network, which includes the encrypted username of the user. The supplicant listens for this address and sends an EAP response that includes a one-way hashed value calculated from the password. The authenticator checks this hashed value against its stored value. Assuming these two values match, the authenticator encapsulates the response and sends it to the authentication server.
        3. Negotiation:
          1. The authentication server then sends a reply to the authenticator. The authentication server specifies which EAP method to use. Then the authenticator transmits that request to the supplicant.
        4. Authentication:
          1. If the supplicant and the authentication server agree on an EAP method, the two transmit until there is either success or failure to authenticate the supplicant computer.
    2. Extensible Authentication Protocol (EAP):
      1. A protocol for wireless networks that expands on the authentication methods used by the Point-to-Point Protocol (PPP).
      2. Explain the purpose of LEAP, PEAP, EAP-MD5, EAP-TLS, EAP-TTLS, and EAP-FAST:
        1. LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary protocol, developed prior to the industry standard. There are now known security issues with LEAP.
        2. PEAP (Protected Extensible Authentication Protocol) is a newer EAP draft that is gathering support to become an Internet standard.
        3. EAP-MD5 uses CHAP (Challenge Handshake Authentication Protocol) to provide one-way authentication.
        4. EAP-TLS uses Transport Layer Security (TLS), a certificate-based system, to provide mutual (bidirectional) security. Because of this, it is not well-suited for enterprise servers.
        5. EAP-TTLS uses Tunneled Transport Layer Security (TTLS), a version of TLS with encapsulation added. This version of EAP is well-suited for enterprises because it requires only server-side certificates.
        6. EAP-FAST (Flexible Authentication via Secure Tunneling) uses a protected access credential (instead of a certificate) to achieve mutual authentication.
  2. Kerberos
    1. Single Sign-On (SSO)
      1. An authentication method in which a user authenticates to an SSO authentication server.
      2. After the SSO server authenticates the user, that user is able to access other systems within the organization without the need to authenticate again.
    2. Kerberos
      1. Kerberos is a well-known authentication protocol used to implement SSO. It uses the notion of tickets to contain the proof of authentication.
      2. Kerberos v5 is described in RFC 4120.
      3. The main components of Kerberos are:
        1. Key Distribution Center (KDC):
          1. The main component of a Kerberos system.
          2. Consists of three parts:
            1. Authentication Server (AS):
              1. Initial authentication
            2. Ticket-Granting Server (TGS):
              1. Provides tickets
            3. Kerberos Database:
              1. Contains all information about users, hosts, and principals.
        2. Principal:
          1. A client or server entity that participates in the Kerberos realm.
        3. Ticket:
          1. A record that proves the identity of the client when authenticating to a principal.
        4. Authenticator:
          1. A second authentication source that reduces the likelihood of a replay (MitM) attack. Includes information about the principal and a session key.
        5. Realm:
          1. A domain where the authentication service has authority.
  3. Lightweight Directory Access Protocol (LDAP)
    1. A software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet.
  4. Remote Desktop Services
    1. RDP can be modified directly, and provided with an encryption protocol, within the Windows registry at the following path:
      1. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
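
An added example, not part of the original notes: an offline check of a `.reg` export of the RDP-Tcp key named above against a hardening baseline. The value names (`SecurityLayer`, `MinEncryptionLevel`, `UserAuthentication`), the baseline thresholds and the sample exports are assumptions of this example; the notes give only the key path.

```python
import re

# Key path as given in the notes. The value names and the baseline below are
# assumptions of this example (documented Windows settings, not from the notes).
RDP_KEY = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control"
           r"\Terminal Server\WinStations\RDP-Tcp")

# value name -> (minimum acceptable value, meaning of a lower value)
BASELINE = {
    "SecurityLayer": (2, "TLS not enforced (0 = RDP security layer, 1 = negotiate)"),
    "MinEncryptionLevel": (3, "below High (1 = Low, 2 = Client Compatible)"),
    "UserAuthentication": (1, "Network Level Authentication not required"),
}
DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<hex>[0-9a-fA-F]{8})$')

def parse_reg_export(text, key=RDP_KEY):
    """Return {value_name: int} for the DWORD values stored under `key`."""
    values, in_key = {}, False
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            in_key = line[1:-1].lower() == key.lower()  # key names are case-insensitive
        elif in_key and (m := DWORD_RE.match(line)):
            values[m["name"]] = int(m["hex"], 16)
    return values

def audit_rdp(text):
    """Return findings for the RDP-Tcp key; an empty list means baseline met."""
    values = parse_reg_export(text)
    findings = []
    for name, (minimum, meaning) in BASELINE.items():
        if name not in values:
            findings.append(f"{name}: value missing from export")
        elif values[name] < minimum:
            findings.append(f"{name}={values[name]}: {meaning}")
    return findings

def sample_export(layer, level, nla):
    """Constructed sample data in .reg export format (not from a real host)."""
    return ("Windows Registry Editor Version 5.00\n\n"
            f"[{RDP_KEY}]\n"
            '"PortNumber"=dword:00000d3d\n'
            f'"SecurityLayer"=dword:{layer:08x}\n'
            f'"MinEncryptionLevel"=dword:{level:08x}\n'
            f'"UserAuthentication"=dword:{nla:08x}\n')

if __name__ == "__main__":
    for label, export in (("weak", sample_export(0, 1, 0)),
                          ("hardened", sample_export(2, 3, 1))):
        print(label, audit_rdp(export) or "baseline met")
```

Group Policy can set the same three values under `HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services`, and those take precedence, so an audit of a domain-joined host should check that key as well.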