SlideShare a Scribd company logo

PACE-IT, Security + 5.1: Summary of Authentication Services

Download as PPTX, PDF
Pace IT at Edmonds Community College
Pace IT at Edmonds Community College

CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology) "Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53" Learn more about the PACE-IT Online program: www.edcc.edu/pace-it

Education
1 of 13
Summary of authentication services.
Page 2 Instructor, PACE-IT Program – Edmonds Community College Areas of Expertise Industry Certifications  PC Hardware  Network Administration  IT Project Management  Network Design  User Training  IT Troubleshooting Qualifications Summary Education  M.B.A., IT Management, Western Governor’s University  B.S., IT Security, Western Governor’s University Entrepreneur, executive leader, and proven manger with 10+ years of experience turning complex issues into efficient and effective solutions. Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required— with a focus on technology.
Page 3 – Function and purpose of authentication services. – Authentication services. PACE-IT
Page 4 Summary of authentication services.
Page 5 A best practice in network security is to require authorization when access is desired either to the network or resources on the network. Authentication services are basically the first step in the authorization process. Authentication services require requesters to prove that they are who they say they are by the submission of some type of credentials (e.g., usernames and passwords). The service then examines the credentials against a database. The database will contain information on which credentials the authentication service will accept. If accepted, one of two things occurs—the authorization is granted or the authentication service passes the approved credentials to an authorization service. Summary of authentication services.
Page 6 Summary of authentication services.
Page 7 Authentication services may be part of an AAA (Authentication, Authorization and Accounting) protocol. AAA protocols will validate the credentials of the requester (authentication), grant access to the resource (authorization), and then log the requestor’s activity (accounting). All of these separate functions can be combined into a single protocol. In other cases, the individual services (i.e., authentication, authorization, and accounting) are actually separated. In this situation, the services will be set up in a manner in which they will pass information back and forth in order to form a holistic, secure environment. Summary of authentication services.
Page 8 – RADIUS (Remote Authentication Dial-In User Service). » A remote access service that is used to authenticate remote users and grant them access to authorized network resources. » It is a popular AAA protocol used to help ensure that only authenticated end users are using the network resources they are authorized to use. • The accounting features are very robust. » Only the requester’s (the end user’s) password is encrypted. – TACACS+ (Terminal Access Controller Access-Control System Plus). » A remote access service that is used to authenticate remote devices and grant them access to authorized network resources. » It is a popular AAA protocol used to help ensure that only authenticated remote network devices are using the network resources they are authorized to use. • The accounting features are not as robust as those of RADIUS. » All transmissions between devices are encrypted. Summary of authentication services.
Page 9 – Kerberos. » Authentication protocol, which uses TCP or UDP port 88. » A system of authentication and authorization that works well in environments that have a lot of clients. » The Key Distribution Center (KDC) is the main component. » The KDC has two parts—the authentication server (AS) and the Ticket-Granting Service (TGS). » When a user logs in, a hash of his or her username and password is sent to the AS; if the AS likes the hash, it responds with a ticket granting ticket (TGT) and a timestamp. » The client sends the TGT with timestamp to the TGS. » The TGS responds with a service ticket (can also be called an access token or just a token). » The service ticket (token) authorizes the user to access specific resources. » As long as the TGT is still valid, the TGS will grant authorization by issuing a new service ticket. Summary of authentication services.
Page 10 – LDAP (Lightweight Directory Access Protocol). » A directory service protocol that can be used to authenticate clients. • LDAP requests are sent over TCP port 389. » Applications that are LDAP compliant will validate (authenticate) the client and then retrieve the requested information stored in the directory. – Secure LDAP. » Encrypted version of LDAP using SSL (Secure Socket Layer) over TCP port 636. • All communication between the client and LDAP is secure. – SAML (Security Assertion Markup Language). » An XML (Extensible Markup Language) standard that is used to allow systems to exchange authentication and authorization information. Summary of authentication services.
Page 11 Summary of authentication services. Authentication services are the first step in the authorization process. Authentication services check to ensure that requesters are who they claim to be through a process of validating the requesters’ credentials (e.g., usernames and passwords) against information contained in a database. If the credentials are accepted, they are then passed onto the authorization service. If the credentials are rejected, so is the requester. Topic Function and purpose of authentication services. Summary Authentication services may form part of an AAA protocol. AAA protocols will perform authentication, authorization, and accounting services for networks and network resources. Popular authentication services include: RADIUS, TACACS+, Kerberos, LDAP, Secure LDAP, and SAML. Authentication services.
Page 12 THANK YOU!
This workforce solution was 100 percent funded by a $3 million grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties, or assurances of any kind, express or implied, with respect to such information, including any information on linked sites and including, but not limited to, accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership. Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53. PACE-IT is an equal opportunity employer/program and auxiliary aids and services are available upon request to individuals with disabilities. For those that are hearing impaired, a video phone is available at the Services for Students with Disabilities (SSD) office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call 425.354.3113 on a video phone for more information about the PACE-IT program. For any additional special accommodations needed, call the SSD office at 425.640.1814. Edmonds Community College does not discriminate on the basis of race; color; religion; national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran status; or genetic information in its programs and activities.

Recommended

PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)Pace IT at Edmonds Community College
 
PACE-IT, Security + 5.3: Security Controls for Account Management
PACE-IT, Security + 5.3: Security Controls for Account ManagementPACE-IT, Security + 5.3: Security Controls for Account Management
PACE-IT, Security + 5.3: Security Controls for Account ManagementPace IT at Edmonds Community College
 
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 4.1: Application Security Controls and Techniques
PACE-IT, Security+ 4.1: Application Security Controls and TechniquesPACE-IT, Security+ 4.1: Application Security Controls and Techniques
PACE-IT, Security+ 4.1: Application Security Controls and TechniquesPace IT at Edmonds Community College
 
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)Pace IT at Edmonds Community College
 

Recommended

PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)Pace IT at Edmonds Community College
 
PACE-IT, Security + 5.3: Security Controls for Account Management
PACE-IT, Security + 5.3: Security Controls for Account ManagementPACE-IT, Security + 5.3: Security Controls for Account Management
PACE-IT, Security + 5.3: Security Controls for Account ManagementPace IT at Edmonds Community College
 
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 4.1: Application Security Controls and Techniques
PACE-IT, Security+ 4.1: Application Security Controls and TechniquesPACE-IT, Security+ 4.1: Application Security Controls and Techniques
PACE-IT, Security+ 4.1: Application Security Controls and TechniquesPace IT at Edmonds Community College
 
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPace IT at Edmonds Community College
 
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)Pace IT at Edmonds Community College
 
PACE-IT, Security+3.5: Types of Application Attacks (part 2)
PACE-IT, Security+3.5: Types of Application Attacks (part 2)PACE-IT, Security+3.5: Types of Application Attacks (part 2)
PACE-IT, Security+3.5: Types of Application Attacks (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)Pace IT at Edmonds Community College
 
PACE-IT: Network Hardening Techniques (part 3)
PACE-IT: Network Hardening Techniques (part 3)PACE-IT: Network Hardening Techniques (part 3)
PACE-IT: Network Hardening Techniques (part 3)Pace IT at Edmonds Community College
 
Chapter 3 security principals
Chapter 3 security principalsChapter 3 security principals
Chapter 3 security principalsnewbie2019
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurancebdemchak
 
PACE-IT: Network Hardening Techniques (part 2)
PACE-IT: Network Hardening Techniques (part 2)PACE-IT: Network Hardening Techniques (part 2)
PACE-IT: Network Hardening Techniques (part 2)Pace IT at Edmonds Community College
 
C02
C02C02
C02newbie2019
 
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationAddressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationPeter Choi
 
12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)Patrick Garrett
 
Hunting the Evil of your Infrastructure
Hunting the Evil of your InfrastructureHunting the Evil of your Infrastructure
Hunting the Evil of your InfrastructureA. S. M. Shamim Reza
 
Banking and Modern Payments System Security Analysis
Banking and Modern Payments System Security AnalysisBanking and Modern Payments System Security Analysis
Banking and Modern Payments System Security AnalysisCSCJournals
 
Cyber forensics intro & requirement engineering cit dec 21,2013
Cyber forensics intro & requirement engineering cit dec 21,2013Cyber forensics intro & requirement engineering cit dec 21,2013
Cyber forensics intro & requirement engineering cit dec 21,2013subramanian K
 
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGIMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGInternational Journal of Technical Research & Application
 
Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...IJNSA Journal
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outlineShivamSharma909
 
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)Pace IT at Edmonds Community College
 
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)Pace IT at Edmonds Community College
 

More Related Content

What's hot

PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPace IT at Edmonds Community College
 
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)Pace IT at Edmonds Community College
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)Pace IT at Edmonds Community College
 
Chapter 3 security principals
Chapter 3 security principalsChapter 3 security principals
Chapter 3 security principalsnewbie2019
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurancebdemchak
 
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationAddressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationPeter Choi
 
12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)Patrick Garrett
 
Hunting the Evil of your Infrastructure
Hunting the Evil of your InfrastructureHunting the Evil of your Infrastructure
Hunting the Evil of your InfrastructureA. S. M. Shamim Reza
 
Banking and Modern Payments System Security Analysis
Banking and Modern Payments System Security AnalysisBanking and Modern Payments System Security Analysis
Banking and Modern Payments System Security AnalysisCSCJournals
 
Cyber forensics intro & requirement engineering cit dec 21,2013
Cyber forensics intro & requirement engineering cit dec 21,2013Cyber forensics intro & requirement engineering cit dec 21,2013
Cyber forensics intro & requirement engineering cit dec 21,2013subramanian K
 
Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...IJNSA Journal
 

What's hot (20)

PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
 
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
 
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
 
PACE-IT, Security+3.5: Types of Application Attacks (part 2)
PACE-IT, Security+3.5: Types of Application Attacks (part 2)PACE-IT, Security+3.5: Types of Application Attacks (part 2)
PACE-IT, Security+3.5: Types of Application Attacks (part 2)
 
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
 
PACE-IT: Network Hardening Techniques (part 3)
PACE-IT: Network Hardening Techniques (part 3)PACE-IT: Network Hardening Techniques (part 3)
PACE-IT: Network Hardening Techniques (part 3)
 
Chapter 3 security principals
Chapter 3 security principalsChapter 3 security principals
Chapter 3 security principals
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
PACE-IT: Network Hardening Techniques (part 2)
PACE-IT: Network Hardening Techniques (part 2)PACE-IT: Network Hardening Techniques (part 2)
PACE-IT: Network Hardening Techniques (part 2)
 
C02
C02C02
C02
 
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationAddressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
 
12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)
 
Hunting the Evil of your Infrastructure
Hunting the Evil of your InfrastructureHunting the Evil of your Infrastructure
Hunting the Evil of your Infrastructure
 
Banking and Modern Payments System Security Analysis
Banking and Modern Payments System Security AnalysisBanking and Modern Payments System Security Analysis
Banking and Modern Payments System Security Analysis
 
Cyber forensics intro & requirement engineering cit dec 21,2013
Cyber forensics intro & requirement engineering cit dec 21,2013Cyber forensics intro & requirement engineering cit dec 21,2013
Cyber forensics intro & requirement engineering cit dec 21,2013
 
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGIMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
 
Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
 

Viewers also liked

PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)Pace IT at Edmonds Community College
 

Viewers also liked (12)

PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
 
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
 
PACE-IT, Security+ 4.3: Solutions to Establish Host Security
PACE-IT, Security+ 4.3: Solutions to Establish Host SecurityPACE-IT, Security+ 4.3: Solutions to Establish Host Security
PACE-IT, Security+ 4.3: Solutions to Establish Host Security
 
PACE-IT, Security+3.3: Summary of Social Engineering Attacks
PACE-IT, Security+3.3: Summary of Social Engineering AttacksPACE-IT, Security+3.3: Summary of Social Engineering Attacks
PACE-IT, Security+3.3: Summary of Social Engineering Attacks
 
PACE-IT, Security+ 4.4: Controls to Ensure Data Security
PACE-IT, Security+ 4.4: Controls to Ensure Data SecurityPACE-IT, Security+ 4.4: Controls to Ensure Data Security
PACE-IT, Security+ 4.4: Controls to Ensure Data Security
 
PACE-IT, Security+3.6: Security Enhancement Techniques
PACE-IT, Security+3.6: Security Enhancement TechniquesPACE-IT, Security+3.6: Security Enhancement Techniques
PACE-IT, Security+3.6: Security Enhancement Techniques
 
PACE-IT, Security+3.7: Overview of Security Assessment Tools
PACE-IT, Security+3.7: Overview of Security Assessment ToolsPACE-IT, Security+3.7: Overview of Security Assessment Tools
PACE-IT, Security+3.7: Overview of Security Assessment Tools
 
PACE-IT, Security+3.4: Summary of Wireless Attacks
PACE-IT, Security+3.4: Summary of Wireless AttacksPACE-IT, Security+3.4: Summary of Wireless Attacks
PACE-IT, Security+3.4: Summary of Wireless Attacks
 
PACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
PACE-IT, Security+3.8: Vulnerability Scanning vs Pen TestingPACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
PACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
 
PACE-IT, Security+3.1: Types of Malware
PACE-IT, Security+3.1: Types of MalwarePACE-IT, Security+3.1: Types of Malware
PACE-IT, Security+3.1: Types of Malware
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
PACE-IT, Security+2.9: Goals of Security Controls
PACE-IT, Security+2.9: Goals of Security ControlsPACE-IT, Security+2.9: Goals of Security Controls
PACE-IT, Security+2.9: Goals of Security Controls
 

Similar to PACE-IT, Security + 5.1: Summary of Authentication Services

Applications Drive Secure Lightpath Creation Across Heterogeneous Domains
Applications Drive Secure Lightpath Creation Across Heterogeneous DomainsApplications Drive Secure Lightpath Creation Across Heterogeneous Domains
Applications Drive Secure Lightpath Creation Across Heterogeneous DomainsTal Lavian Ph.D.
 
The three chain links of radius security
The three chain links of radius securityThe three chain links of radius security
The three chain links of radius securityGrafic.guru
 
Blockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity managementBlockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity managementEY
 
Cloud computing - Assessing the Security Risks - Jared Carstensen
Cloud computing - Assessing the Security Risks - Jared CarstensenCloud computing - Assessing the Security Risks - Jared Carstensen
Cloud computing - Assessing the Security Risks - Jared Carstensenjaredcarst
 
Bluedog white paper - Our WebObjects Web Security Model
Bluedog white paper - Our WebObjects Web Security ModelBluedog white paper - Our WebObjects Web Security Model
Bluedog white paper - Our WebObjects Web Security Modeltom termini
 
Improving Veteran benefit services through efficient data streaming | Robert ...
Improving Veteran benefit services through efficient data streaming | Robert ...Improving Veteran benefit services through efficient data streaming | Robert ...
Improving Veteran benefit services through efficient data streaming | Robert ...HostedbyConfluent
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET Journal
 

Similar to PACE-IT, Security + 5.1: Summary of Authentication Services (20)

PACE-IT: Networking Services and Applications (part 2) - N10 006
PACE-IT: Networking Services and Applications (part 2) - N10 006PACE-IT: Networking Services and Applications (part 2) - N10 006
PACE-IT: Networking Services and Applications (part 2) - N10 006
 
AAA server
AAA serverAAA server
AAA server
 
AAA Protocol
AAA ProtocolAAA Protocol
AAA Protocol
 
Applications Drive Secure Lightpath Creation Across Heterogeneous Domains
Applications Drive Secure Lightpath Creation Across Heterogeneous DomainsApplications Drive Secure Lightpath Creation Across Heterogeneous Domains
Applications Drive Secure Lightpath Creation Across Heterogeneous Domains
 
PACE-IT: Network Access Control
PACE-IT: Network Access ControlPACE-IT: Network Access Control
PACE-IT: Network Access Control
 
Vinod Rebello
Vinod RebelloVinod Rebello
Vinod Rebello
 
Co p
Co pCo p
Co p
 
The three chain links of radius security
The three chain links of radius securityThe three chain links of radius security
The three chain links of radius security
 
Co p
Co pCo p
Co p
 
Blockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity managementBlockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity management
 
PACE-IT: Introduction_to Network Devices (part 2) - N10 006
PACE-IT: Introduction_to Network Devices (part 2) - N10 006 PACE-IT: Introduction_to Network Devices (part 2) - N10 006
PACE-IT: Introduction_to Network Devices (part 2) - N10 006
 
Cloud computing - Assessing the Security Risks - Jared Carstensen
Cloud computing - Assessing the Security Risks - Jared CarstensenCloud computing - Assessing the Security Risks - Jared Carstensen
Cloud computing - Assessing the Security Risks - Jared Carstensen
 
PACE-IT: Network Hardening Techniques (part 1)
PACE-IT: Network Hardening Techniques (part 1)PACE-IT: Network Hardening Techniques (part 1)
PACE-IT: Network Hardening Techniques (part 1)
 
PACE-IT, Security+1.3: Cloud Concepts
PACE-IT, Security+1.3: Cloud ConceptsPACE-IT, Security+1.3: Cloud Concepts
PACE-IT, Security+1.3: Cloud Concepts
 
Asymmetric cryptography
Asymmetric cryptographyAsymmetric cryptography
Asymmetric cryptography
 
Bluedog white paper - Our WebObjects Web Security Model
Bluedog white paper - Our WebObjects Web Security ModelBluedog white paper - Our WebObjects Web Security Model
Bluedog white paper - Our WebObjects Web Security Model
 
Carrie Peter
Carrie PeterCarrie Peter
Carrie Peter
 
TMCnet final
TMCnet finalTMCnet final
TMCnet final
 
Improving Veteran benefit services through efficient data streaming | Robert ...
Improving Veteran benefit services through efficient data streaming | Robert ...Improving Veteran benefit services through efficient data streaming | Robert ...
Improving Veteran benefit services through efficient data streaming | Robert ...
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
 

Recently uploaded

Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 

Recently uploaded (20)

Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 

PACE-IT, Security + 5.1: Summary of Authentication Services

  • 2. Page 2 Instructor, PACE-IT Program – Edmonds Community College Areas of Expertise Industry Certifications  PC Hardware  Network Administration  IT Project Management  Network Design  User Training  IT Troubleshooting Qualifications Summary Education  M.B.A., IT Management, Western Governor’s University  B.S., IT Security, Western Governor’s University Entrepreneur, executive leader, and proven manger with 10+ years of experience turning complex issues into efficient and effective solutions. Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required— with a focus on technology.
  • 3. Page 3 – Function and purpose of authentication services. – Authentication services. PACE-IT
  • 4. Page 4 Summary of authentication services.
  • 5. Page 5 A best practice in network security is to require authorization when access is desired either to the network or resources on the network. Authentication services are basically the first step in the authorization process. Authentication services require requesters to prove that they are who they say they are by the submission of some type of credentials (e.g., usernames and passwords). The service then examines the credentials against a database. The database will contain information on which credentials the authentication service will accept. If accepted, one of two things occurs—the authorization is granted or the authentication service passes the approved credentials to an authorization service. Summary of authentication services.
  • 6. Page 6 Summary of authentication services.
  • 7. Page 7 Authentication services may be part of an AAA (Authentication, Authorization and Accounting) protocol. AAA protocols will validate the credentials of the requester (authentication), grant access to the resource (authorization), and then log the requestor’s activity (accounting). All of these separate functions can be combined into a single protocol. In other cases, the individual services (i.e., authentication, authorization, and accounting) are actually separated. In this situation, the services will be set up in a manner in which they will pass information back and forth in order to form a holistic, secure environment. Summary of authentication services.
  • 8. Page 8 – RADIUS (Remote Authentication Dial-In User Service). » A remote access service that is used to authenticate remote users and grant them access to authorized network resources. » It is a popular AAA protocol used to help ensure that only authenticated end users are using the network resources they are authorized to use. • The accounting features are very robust. » Only the requester’s (the end user’s) password is encrypted. – TACACS+ (Terminal Access Controller Access-Control System Plus). » A remote access service that is used to authenticate remote devices and grant them access to authorized network resources. » It is a popular AAA protocol used to help ensure that only authenticated remote network devices are using the network resources they are authorized to use. • The accounting features are not as robust as those of RADIUS. » All transmissions between devices are encrypted. Summary of authentication services.
  • 9. Page 9 – Kerberos. » Authentication protocol, which uses TCP or UDP port 88. » A system of authentication and authorization that works well in environments that have a lot of clients. » The Key Distribution Center (KDC) is the main component. » The KDC has two parts—the authentication server (AS) and the Ticket-Granting Service (TGS). » When a user logs in, a hash of his or her username and password is sent to the AS; if the AS likes the hash, it responds with a ticket granting ticket (TGT) and a timestamp. » The client sends the TGT with timestamp to the TGS. » The TGS responds with a service ticket (can also be called an access token or just a token). » The service ticket (token) authorizes the user to access specific resources. » As long as the TGT is still valid, the TGS will grant authorization by issuing a new service ticket. Summary of authentication services.
  • 10. Page 10 – LDAP (Lightweight Directory Access Protocol). » A directory service protocol that can be used to authenticate clients. • LDAP requests are sent over TCP port 389. » Applications that are LDAP compliant will validate (authenticate) the client and then retrieve the requested information stored in the directory. – Secure LDAP. » Encrypted version of LDAP using SSL (Secure Socket Layer) over TCP port 636. • All communication between the client and LDAP is secure. – SAML (Security Assertion Markup Language). » An XML (Extensible Markup Language) standard that is used to allow systems to exchange authentication and authorization information. Summary of authentication services.
  • 11. Page 11 Summary of authentication services. Authentication services are the first step in the authorization process. Authentication services check to ensure that requesters are who they claim to be through a process of validating the requesters’ credentials (e.g., usernames and passwords) against information contained in a database. If the credentials are accepted, they are then passed onto the authorization service. If the credentials are rejected, so is the requester. Topic Function and purpose of authentication services. Summary Authentication services may form part of an AAA protocol. AAA protocols will perform authentication, authorization, and accounting services for networks and network resources. Popular authentication services include: RADIUS, TACACS+, Kerberos, LDAP, Secure LDAP, and SAML. Authentication services.
  • 13. This workforce solution was 100 percent funded by a $3 million grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties, or assurances of any kind, express or implied, with respect to such information, including any information on linked sites and including, but not limited to, accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership. Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53. PACE-IT is an equal opportunity employer/program and auxiliary aids and services are available upon request to individuals with disabilities. For those that are hearing impaired, a video phone is available at the Services for Students with Disabilities (SSD) office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call 425.354.3113 on a video phone for more information about the PACE-IT program. For any additional special accommodations needed, call the SSD office at 425.640.1814. Edmonds Community College does not discriminate on the basis of race; color; religion; national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran status; or genetic information in its programs and activities.