350-701 Practice Questions

Explanation

Explanation

Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more

verification factors to gain access to a resource. MFA requires means of verification that unauthorized users

won’t have.

Proper multi-factor authentication uses factors from at least two different categories.

MFA methods:

+ Knowledge – usually a password – is the most commonly used tool in MFA solutions. However, despite their

simplicity, passwords have become a security problem and slow down productivity.

+ Physical factors – also called possession factors–use tokens, such as a USB dongle or a portable device,

that generate a temporary QR (quick response) code. Mobile phones are commonly used, as they have the

advantage of being readily available in most situations.

+ Inherent – This category includes biometrics like fingerprint, face, and retina scans. As technology advances,

it may also include voice ID or other behavioral inputs like keystroke metrics. Because inherent factors are

reliably unique, always present, and secure, this category shows promise.

+ Location-based and time-based – Authentication systems can use GPS coordinates, network parameters,

and metadata for the network in use, and device recognition for MF

A.  

data points with historical or contextual user data.

A time factor in conjunction with a location factor could detect an attacker attempting to authenticate in Europe

when the user was last authenticated in California an hour prior, for example.

+ Time-based one-time password (TOTP) – This is generally used in 2FA but could apply to any MFA

method where a second step is introduced dynamically at login upon completing a first step. The wait for a

second step–in which temporary passcodes are sent by SMS or email–is usually brief, and the process is easy

to use for a wide range of users and devices. This method is currently widely used.

+ Social media – In this case a user grants permission for a website to use their social media username and

password for login. This provide an easy login process, and one generally available to all users.

+ Risk-based authentication – Sometimes called adaptive multi-factor authentication, this method combines

adaptive authentication and algorithms that calculate risk and observe the context of specific login requests.

The goal of this method is to reduce redundant logins and provide a more user-friendly workflow.

+ Push-based 2FA – Push-based 2FA improves on SMS and TOTP 2FA by adding additional layers of security

while improving ease of use. It confirms a user’s identity with multiple factors of authentication that other

methods cannot. Because push-based 2FA sends notifications through data networks like cellular or Wi-Fi,

users must have data access on their mobile devices to use the 2FA functionality.

sfr {fail-open | fail-close [monitor-only]} <- There's a couple different options here. The first one is fail-open which means that if the Firepower software module is unavailable, the ASA will continue to forward traffic. fail-close means that if the Firepower module fails, the traffic will stop flowing. While this doesn't seem ideal, there might be a use case for it when securing highly regulated environments. The monitor-only switch can be used with both and basically puts the Firepower services into IDS-mode only. This might be useful for initial testing or setup.

Mobile device management (MDM) is a solution that allows organizations to manage and secure mobile devices such as smartphones and tablets. MDM can provide two security benefits:

Robust security policy enforcement: MDM can enforce strong security practices and hygiene by defining unified settings that can be applied across your fleet. This centralized software ensures all devices are continuously staying in compliance. For example, MDM can configure settings like full-disk encryption, screen locks, password policies, device restrictions, VPN, firewall, antivirus, and more. MDM can also prevent unwanted or risky software from being installed, and remotely lock or wipe devices if they are lost, stolen, or compromised1.

Privacy control checks: MDM can help organizations stay compliant with privacy regulations and protect sensitive data from unauthorized access. MDM can segment personal and corporate data on devices, and selectively wipe only corporate data when needed. MDM can also monitor device usage and location, and alert administrators of any suspicious or anomalous behavior. MDM can also provide secure containers for sensitive documents and content, and encrypt data in transit and at rest23.