WEBVTT 1 00:00:00.000 --> 00:00:01.180 foreign [Music] 2 00:00:21.540 --> 00:00:31.740 Dr Michael Mann and tonight's session review session is on authentication controls 3 00:00:31.740 --> 00:00:38.280 this is of course in preparation for the Security Plus industry certification exam I am using 4 00:00:38.280 --> 00:00:46.380 questions from the Virginia cyber range and we'll go ahead and get started with the first question 5 00:00:53.640 --> 00:01:02.940 okay what does AAA refer to when concerning enforcing security policies AAA 6 00:01:04.620 --> 00:01:08.580 all right let's uh let's take some responses what do you think 7 00:01:09.960 --> 00:01:14.940 thank you one two three or four 8 00:01:19.380 --> 00:01:28.680 if you're not sure is there something that you can see to eliminate fairly quickly 9 00:01:33.420 --> 00:01:39.900 the last option the last option okay and and what makes you want to eliminate that 10 00:01:42.780 --> 00:01:45.060 I agree with you by the way 11 00:01:48.180 --> 00:01:52.500 the rest of the options kind of make sense but the last option has something extra in there 12 00:01:52.500 --> 00:01:57.900 that doesn't really go with cyber security as far as I'm aware sure amelioration yeah 13 00:01:57.900 --> 00:02:07.380 that's uh yeah not exactly um par for the course for cyber security technical language 14 00:02:08.820 --> 00:02:14.520 um and it's not like we're interested in ameliorating anything uh when we're talking 15 00:02:14.520 --> 00:02:20.100 about AAA um is there another choice that doesn't look right 16 00:02:23.460 --> 00:02:32.220 so the third choice starting with access it's close closer than the choice number 17 00:02:32.220 --> 00:02:39.840 four that has the term amelioration in it but really when we're talking about AAA 18 00:02:41.640 --> 00:02:48.180 we're talking about one of the first two choices so which one is it 19 00:02:55.200 --> 00:03:00.420 is it the first choice I know the second choice is it the second choice 
the second choice 20 00:03:01.260 --> 00:03:09.360 so authentication authorization and accounting okay now what's the 21 00:03:09.360 --> 00:03:17.580 difference between the two choices one and two and it really is just the order in which 22 00:03:18.180 --> 00:03:28.500 the terms are presented however is there anything that is important about the order of the terms 23 00:03:29.100 --> 00:03:37.680 what do you think is it like the steps you have to take the steps have to go a 24 00:03:37.680 --> 00:03:45.900 specific order sure that yes that is that is correct um first you are authenticated 25 00:03:46.860 --> 00:03:55.860 before accessing a resource then based upon your credentials you are authorized to access certain 26 00:03:55.860 --> 00:04:02.940 resources and then finally the accounting part keeps track of basically what you've been doing 27 00:04:03.600 --> 00:04:11.520 so authentication authorization and accounting are the correct answers for this question 28 00:04:13.140 --> 00:04:20.100 um this is it's a little tricky because you look at the first two choices and right and you're in 29 00:04:20.100 --> 00:04:27.360 the exam and you're like well you know they're all the same both saying the same thing um but the 30 00:04:27.360 --> 00:04:37.140 order for this question the order of the answers is important okay let's move on to the next one 31 00:04:46.920 --> 00:04:56.340 okay which of the following is the best example of conditional Access Control 32 00:04:57.840 --> 00:05:03.000 choices one through four a government employee is only allowed to access 33 00:05:03.000 --> 00:05:09.300 information that their security clearance allows them to access or 34 00:05:10.200 --> 00:05:16.320 a user is given access to a certain level of sensitive files based on the project they have 35 00:05:16.320 --> 00:05:24.660 been assigned to choice three an individual who created a document gives access to their friend 36 00:05:24.660 --> 00:05:32.400 for peer review or 
choice four a subject's account approval is evaluated based on your current 37 00:05:32.400 --> 00:05:42.240 operating system what do you think number two sounds like a viable answer number two is a viable 38 00:05:42.240 --> 00:05:52.620 answer and in fact it is the correct answer yes very well done and what about Choice number one 39 00:05:55.560 --> 00:05:58.320 does that look like conditional Access Control 40 00:06:03.480 --> 00:06:08.640 well no it doesn't it's more closely related to mandatory Access Control 41 00:06:10.140 --> 00:06:16.860 and three is more closely related to discretionary Access Control 42 00:06:18.480 --> 00:06:26.460 and finally the fourth one is more closely resembling rule-based access control so 43 00:06:26.460 --> 00:06:34.140 knowledge of control models is important for dealing with this type of question okay so our 44 00:06:34.140 --> 00:06:41.340 correct answer here is Choice number two a user is given access to a certain level of sensitive files 45 00:06:41.340 --> 00:06:49.740 based on the project they have been assigned to okay let's move on to the next question 46 00:06:56.640 --> 00:06:58.800 this question involves Dynamic code 47 00:06:59.820 --> 00:07:06.120 after entering your username and password in the login screen for your Cloud accounts you click 48 00:07:06.120 --> 00:07:13.080 submit and then a special code that changes every minute is created for you to authenticate yourself 49 00:07:14.580 --> 00:07:28.620 what security measure is deploying this Dynamic code is it TGT TOTP SMS or certificate Authority 50 00:07:39.480 --> 00:07:46.140 well it helps to know what the acronyms stand for the exam is and the course 51 00:07:46.140 --> 00:07:53.400 as you probably know already is big on acronyms so does anyone know what TGT is 52 00:07:58.740 --> 00:08:06.300 no okay ticket granting ticket TGT are files created by the key 53 00:08:06.300 --> 00:08:10.200 distribution center portion of Kerberos Authentication 54 
00:08:12.360 --> 00:08:14.220 what about TOTP 55 00:08:16.140 --> 00:08:17.700 does anyone know what that one is 56 00:08:25.620 --> 00:08:34.920 okay so t-o-t-p time based one-time passwords and it's a common form of two-factor Authentication 57 00:08:36.000 --> 00:08:42.120 and SMS obviously short message service and certificate Authority so what do you guys think 58 00:08:43.440 --> 00:08:46.140 Choice number one two three or four 59 00:08:54.300 --> 00:08:58.440 um I know it's not number three because it doesn't get sent to the phone so maybe number 60 00:08:58.440 --> 00:09:10.560 two okay and number two is the correct answer this is a time-based one-time password okay 61 00:09:11.400 --> 00:09:18.240 questions about that or does everybody understand time-based one-time password 62 00:09:23.640 --> 00:09:27.300 okay so where would the first one be sent to the 63 00:09:28.140 --> 00:09:34.380 TGT like where would that pop up if you were to so that's something and it's crazy 64 00:09:35.160 --> 00:09:44.340 it's a creative file that would be used and not necessarily sent to a user 65 00:09:47.100 --> 00:09:53.640 in the same way that a time-based one-time password would be oh okay okay 66 00:09:55.680 --> 00:09:59.400 all right let's move on to the next question 67 00:10:04.020 --> 00:10:06.900 multi-factor Authentication 68 00:10:08.040 --> 00:10:13.800 which of the following terms most closely relates to multi-factor Authentication 69 00:10:16.020 --> 00:10:24.000 your choices are token key SSO Pap or HSM they really love their acronyms don't they 70 00:10:28.200 --> 00:10:40.200 you mind um saying what the acronyms are sure so let's start with the first one listed SSO now this 71 00:10:40.200 --> 00:10:48.600 one's pretty widely used does anybody know what this is a single sign-on absolutely it is single 72 00:10:48.600 --> 00:10:58.440 sign-on and single sign-on is not involved with multi-factor Authentication okay how about pap 73 00:11:03.180 --> 
00:11:14.640 okay so Pap is password Authentication Protocol and again not related to multi-factor 74 00:11:14.640 --> 00:11:25.680 Authentication um in networking you may have come across this as a point-to-point protocol 75 00:11:25.680 --> 00:11:33.240 used between two routers to authenticate but it's generally considered fairly weak it sends 76 00:11:33.240 --> 00:11:44.280 passwords in plain text and in that context it's typically not used but instead Challenge 77 00:11:44.280 --> 00:11:53.340 hand handshake Authentication Protocol is used in its place and HSM anybody know what that one is 78 00:11:57.420 --> 00:12:02.880 okay so HSM stands for Hardware security module 79 00:12:03.480 --> 00:12:10.800 and this is a hardware card that contains a crypto processor and is used at the hardware level 80 00:12:12.000 --> 00:12:19.800 so just from knowing the definitions of these acronyms it's pretty clear that what's left 81 00:12:19.800 --> 00:12:26.640 is token key and that is most closely related to multi-factor Authentication 82 00:12:27.600 --> 00:12:34.620 so that's our correct answer for this question and we'll move on to the next one 83 00:12:45.540 --> 00:12:49.980 okay security assertion markup language 84 00:12:51.300 --> 00:12:57.420 or saml tokens possess what kind of data after being granted access 85 00:12:58.920 --> 00:13:04.380 okay so does anyone think biometric 86 00:13:07.980 --> 00:13:15.900 no no absolutely not biometric and pkc data 87 00:13:19.380 --> 00:13:26.520 okay so there's it's not involved with public key plain text 88 00:13:33.300 --> 00:13:37.860 so this is security assertion markup language tokens we're talking about 89 00:13:39.660 --> 00:13:46.500 does it make sense that these tokens might have plain Text data 90 00:13:50.640 --> 00:13:54.180 what do you think is that a good choice 91 00:13:56.880 --> 00:14:04.800 no no it is not so our answer for this question is claim data 92 00:14:06.600 --> 00:14:17.160 so saml or saml token 
possesses encrypted claim data and that's the answer we're looking for here 93 00:14:21.240 --> 00:14:27.180 okay so the next question involving SSH public and private Keys 94 00:14:27.180 --> 00:14:35.880 your organization's network administrator is configuring the Linux servers 95 00:14:36.660 --> 00:14:42.420 SSH Authentication to allow key based Authentication 96 00:14:43.920 --> 00:14:56.640 this setup requires that the private key is blank and the public key is blank okay so what is SSH 97 00:15:02.220 --> 00:15:03.660 okay nobody got this 98 00:15:05.700 --> 00:15:07.500 all right secure shell 99 00:15:10.320 --> 00:15:15.000 so we're talking about private keys and public Keys your choices are 100 00:15:15.840 --> 00:15:22.320 the private key is kept with the user and the public key is kept with the user 101 00:15:23.220 --> 00:15:31.500 or the private key is kept with the Linux host and the public key is kept with the Linux host 102 00:15:32.640 --> 00:15:40.200 or the private key is kept with the user and the public key is kept with the Linux server 103 00:15:41.460 --> 00:15:49.260 or finally the private key is kept with the Linux host and the public key is kept with the user 104 00:15:52.080 --> 00:16:00.120 what do you think is the correct answer is it the third option the third option okay so the private 105 00:16:00.120 --> 00:16:09.480 key is kept with the user and the public key is kept with the Linux server and that is correct so 106 00:16:10.920 --> 00:16:19.260 probably the easiest way to remember this is that private keys are always kept with the user okay 107 00:16:20.340 --> 00:16:23.100 and so the public key is not 108 00:16:25.740 --> 00:16:32.820 okay now knowing that of course Narrows your answer choices down I have 109 00:16:35.160 --> 00:16:47.340 okay the second choice then is easily eliminated because a private key would not be kept on the 110 00:16:47.340 --> 00:16:57.660 Linux host okay and neither would the fourth choice be a 
viable Choice as well all right 111 00:17:01.860 --> 00:17:03.480 okay let's move on to the next question 112 00:17:07.740 --> 00:17:18.720 the blank model is used to allocate labels to objects and subjects for Access Control clearances 113 00:17:20.580 --> 00:17:32.940 so um clearly uh the question involves understanding the acronyms listed again 114 00:17:33.720 --> 00:17:41.640 so Let's uh start with that and how about the first one DAC 115 00:17:45.360 --> 00:17:46.980 does anybody remember this one 116 00:17:50.700 --> 00:18:02.340 okay so this is discretionary Access Control how about rbac is that rule-based access 117 00:18:02.340 --> 00:18:09.780 control it's confusing isn't it it could be rule-based could also be something else 118 00:18:13.020 --> 00:18:14.340 anybody know what the other 119 00:18:16.740 --> 00:18:17.340 thing is 120 00:18:20.520 --> 00:18:36.660 so yes we have rules we have discretionary we also have role-based access okay and how about a b a c 121 00:18:40.140 --> 00:18:47.940 okay attribute based Access Control yes attribute based Access Control okay 122 00:18:49.500 --> 00:18:57.960 all right so clearly you need to know something about these different models 123 00:18:58.980 --> 00:19:01.560 to be able to negotiate this type of question 124 00:19:03.780 --> 00:19:16.380 DAC or discretionary Access Control involves granting access by using some type of Access 125 00:19:16.380 --> 00:19:27.600 Control list okay and I'm saying that in a very uh General sense um although the conceptually 126 00:19:28.320 --> 00:19:37.680 Access Control list or ACLs you may have heard of or come across using them in the sense of 127 00:19:38.220 --> 00:19:48.120 firewall rules okay or perhaps even Access Control configured on a router or a switch 128 00:19:49.200 --> 00:19:58.620 and the idea is kind of the same we aren't really or we aren't necessarily talking about 129 00:19:59.700 --> 00:20:08.160 um ACLS on a firewall or a router in this question the 
question is talking about allocating labels 130 00:20:08.160 --> 00:20:18.780 to objects and subjects now you know if it hadn't said subjects then I would say that it's you know 131 00:20:18.780 --> 00:20:24.900 it could be it could be talking about Network appliances but when you see the term subjects 132 00:20:27.120 --> 00:20:28.140 um what comes to mind 133 00:20:32.040 --> 00:20:40.080 like people yes absolutely like people so that gives us some contextual information 134 00:20:41.100 --> 00:20:47.940 about the question and the answer choices and would also lead me to think that in the second 135 00:20:47.940 --> 00:20:58.860 choice rbac is referring to role base instead of rule based now we go back to discretionary 136 00:21:00.180 --> 00:21:09.060 and as I said access has granted using some type of Access Control list in the general sense of 137 00:21:09.060 --> 00:21:15.420 the term and we've already spoken about how on a network Appliance you can say for example on 138 00:21:15.420 --> 00:21:26.820 a router set up Access Control list to control traffic flows and by the same token um so to speak 139 00:21:28.080 --> 00:21:38.760 um users and groups okay can be granted access to a file for example based on file permissions 140 00:21:39.480 --> 00:21:49.980 okay so the concept of the access control list applies sort of in both domains Network appliances 141 00:21:49.980 --> 00:22:00.120 and also people so now the question is is the description in the question allocating labels 142 00:22:00.120 --> 00:22:08.820 to objects and subjects for Access Control is that a type of discretionary Access Control model 143 00:22:09.840 --> 00:22:11.880 so what do you think yes or no 144 00:22:14.640 --> 00:22:16.380 you have 50 50 chance 145 00:22:19.740 --> 00:22:24.720 anybody want to take a guess I don't know but I'll just say 146 00:22:24.720 --> 00:22:32.640 yes okay well no the answer is no it is not discretionary okay good guess though 147 00:22:34.800 --> 
00:22:37.380 um what about role-based access control 148 00:22:43.080 --> 00:22:45.960 does that sound like it could possibly be right 149 00:22:52.740 --> 00:23:01.200 I think role-based could be right you think it's right I think so you do okay any particular 150 00:23:01.200 --> 00:23:09.120 reason uh because people could have roles sure that's my kind of connection I'm making 151 00:23:09.660 --> 00:23:18.060 okay and so role based you know is a type of non-discretionary Access Control 152 00:23:19.800 --> 00:23:24.960 um some of the characteristics and it takes a real world approach to structuring access control 153 00:23:25.740 --> 00:23:34.740 and as it sounds it's based on a user's job function within the organization okay 154 00:23:36.660 --> 00:23:48.600 but that doesn't necessarily mean that this model allocates labels so it's not role-based 155 00:23:50.280 --> 00:23:53.340 okay what about attribute based Access Control 156 00:23:55.680 --> 00:24:02.460 I think it's this one okay um because it's attributes and it's saying labels 157 00:24:03.360 --> 00:24:11.760 okay so you're saying the labels that are allocated are attributes yeah they could be 158 00:24:12.960 --> 00:24:21.900 okay so and and I can see why um that could be an appealing answer in fact I might even call this 159 00:24:22.980 --> 00:24:32.460 um a misdirector this is not the correct answer um attributes are often pre-existing 160 00:24:33.600 --> 00:24:41.220 and not handed out necessarily on the Fly which is sort of the implication in this question 161 00:24:43.200 --> 00:24:49.320 um so in ABAC attribute based Access Control 162 00:24:50.160 --> 00:24:55.260 evaluates the attributes or what we could think of as characteristics 163 00:24:56.880 --> 00:25:06.840 rather than roles to determine access okay so and then the purpose for doing this is to protect 164 00:25:06.840 --> 00:25:15.240 objects such as data or network devices and other I.T resources from unauthorized users and actions 
165 00:25:16.020 --> 00:25:23.580 in other words if you don't have an approved characteristic as defined by the organization's 166 00:25:23.580 --> 00:25:33.300 security policies then you don't get access so we're left with mandatory Access Control 167 00:25:34.620 --> 00:25:48.600 and um so this is uh where the the allocation of labels comes into play and again knowing 168 00:25:48.600 --> 00:25:56.160 the different models um you know you kind of go through and use the process of elimination 169 00:25:57.600 --> 00:26:08.700 um to negotiate this type of question once again I think it's important to um point out that 170 00:26:08.700 --> 00:26:19.980 acronyms are a large component of this topic not excuse me not just this topic but of the industry 171 00:26:19.980 --> 00:26:28.800 certification exam and it really is important to know them um often I get questions about 172 00:26:28.800 --> 00:26:38.940 you know how to deal um with so many not just pieces of of knowledge-based information that 173 00:26:38.940 --> 00:26:45.300 is as opposed to something that is performance oriented but rather something that is more 174 00:26:46.200 --> 00:26:54.180 straight up knowledge based but also compounded by the fact that there are acronyms and 175 00:26:54.780 --> 00:27:03.180 you know the response is that in the first place you you have to know the acronyms um in 176 00:27:03.180 --> 00:27:12.600 my conversations with students over the years and even for my own purposes um because you know if 177 00:27:12.600 --> 00:27:19.320 I take a an industry certification exam I have to deal with the same thing you do I'm not immune to 178 00:27:20.580 --> 00:27:31.080 um you know the the design of the test makers I I see the same exams you do and for me um doing 179 00:27:31.080 --> 00:27:39.540 something with the information um and it could be something as simple as creating power points 180 00:27:41.700 --> 00:27:50.460 um is helpful because it allows me to do something to create 
something some information product 181 00:27:50.460 --> 00:27:59.160 using the terms or the acronyms and of course when you're doing this you're going to keep the acronym 182 00:27:59.160 --> 00:28:07.440 and then spell it out so you understand what the meaning is and this type of work I've always found 183 00:28:07.440 --> 00:28:15.240 useful and if you really want to sort of take it to the next level especially when it comes 184 00:28:15.240 --> 00:28:26.220 to creating PowerPoints you can get Jeopardy Style a sort of templates that are pre-made and download 185 00:28:26.220 --> 00:28:31.140 them and use them in PowerPoint and then all you have to do is fill in the content information 186 00:28:32.160 --> 00:28:38.160 so there are two things there that can help you the act of actually doing the work to create 187 00:28:38.160 --> 00:28:48.120 the study tool is is very helpful and then of course using it over and over again to help 188 00:28:48.120 --> 00:28:55.740 with your learning and your studies and when you do this kind of work it really helps you to sort 189 00:28:55.740 --> 00:29:04.380 of internalize the information and once you've done that you know you'll find that recognizing 190 00:29:04.380 --> 00:29:12.360 and understanding and knowing the acronyms becomes a lot easier so okay let's move on 191 00:29:20.640 --> 00:29:31.380 okay so in this question we're talking again about attribute based access control and role based 192 00:29:31.380 --> 00:29:38.940 the question states which comparison between attribute-based and role-based access control 193 00:29:39.780 --> 00:29:45.420 is a true statement your choices are 194 00:29:47.400 --> 00:29:55.800 the ABAC configuration covers more broad access controls whereas RBAC controls 195 00:29:56.460 --> 00:29:59.820 access on a more detailed level 196 00:30:01.860 --> 00:30:10.920 or number two the ABAC does not include roles in the access control criteria because that is 197 00:30:10.920 --> 00:30:19.860 
what the RBAC is for or number three the ABAC is the most fine-grained type of Access Control 198 00:30:20.820 --> 00:30:30.660 whereas RBAC is not as precise or finally role-based and attribute based 199 00:30:30.660 --> 00:30:36.600 are on the same level of access controls but they just look at two different parts 200 00:30:38.460 --> 00:30:42.540 okay so what do you think for this question 201 00:30:46.620 --> 00:30:52.800 do you see anything um that could easily be eliminated 202 00:30:56.400 --> 00:30:59.160 okay let's take a look at the second answer 203 00:31:01.620 --> 00:31:07.440 um it states that attribute based access control does not include roles 204 00:31:07.980 --> 00:31:14.520 in the access control criteria because that is what role-based is for 205 00:31:15.780 --> 00:31:26.400 okay so that's not a true statement um attribute based does include information about roles and it 206 00:31:26.400 --> 00:31:35.580 has to because the subject is the user requesting access to a resource to perform an action 207 00:31:36.540 --> 00:31:43.800 okay so that helps us you know with eliminating the second choice 208 00:31:46.980 --> 00:31:54.900 now now if you understand that and you look at the fourth choice role-based and attribute based on 209 00:31:54.900 --> 00:32:04.140 the same level and they really can't be because attribute based includes role-based information 210 00:32:05.760 --> 00:32:14.460 so then that knocks out the fourth choice and that leaves us with number one or number three 211 00:32:17.100 --> 00:32:25.320 would it be the first one no it would actually be the third and if you 212 00:32:25.860 --> 00:32:33.180 think about it um you know obviously you have to study this and prepare for it but 213 00:32:34.020 --> 00:32:45.360 when we talk about attributes in attributes of something subject an object um 214 00:32:47.760 --> 00:32:56.340 the first answer States that attribute based covers more broad access controls 215 00:32:56.940 --> 
00:33:03.000 and the third answer states that attribute base is the most fine-grained or what we 216 00:33:03.000 --> 00:33:08.520 would call a granular has a high level of granularity or type of Access Control 217 00:33:09.300 --> 00:33:14.340 and that is true and in fact that is the correct answer 218 00:33:15.900 --> 00:33:28.320 um attributes or characteristics make up something larger okay so attribute based control 219 00:33:29.340 --> 00:33:38.160 is appropriately named and that answer choice would stand out if you were just trying to look 220 00:33:38.160 --> 00:33:44.040 at this on the basis of elimination based upon what you know and we often use this technique 221 00:33:45.180 --> 00:33:55.080 um that becomes the Clear Choice so it's not a more broad Focus it is a granular Focus okay 222 00:33:57.420 --> 00:33:58.080 all right 223 00:34:02.820 --> 00:34:10.200 okay describing MFA and MFA is what 224 00:34:12.060 --> 00:34:18.480 multi-factor identification yes so that was pretty quick 225 00:34:19.740 --> 00:34:25.440 how were you able to come up with that so quickly I just kind of memorized it 226 00:34:25.440 --> 00:34:31.020 I've heard it thousands of times you've heard it thousands of times thank you you've probably used 227 00:34:31.020 --> 00:34:37.080 it thousands of times as well do you see what I'm saying or what I'm getting at with these acronyms 228 00:34:37.620 --> 00:34:43.380 so most people understand very well what multi-factor authentication is and 229 00:34:43.920 --> 00:34:50.220 you know we use it all the time right we have to use it to get into you know my portal to 230 00:34:50.220 --> 00:35:00.840 get access to things like Canvas or SIS so so it just adds more Credence to the point that 231 00:35:00.840 --> 00:35:10.500 the more you use something the easier it is to recognize it and recall it and deal with it okay 232 00:35:12.660 --> 00:35:21.060 when signing into an account you are told to enter a pin and the last four digits of 
233 00:35:21.060 --> 00:35:28.860 your Social Security number to be authenticated does this describe multi-factor Authentication 234 00:35:30.420 --> 00:35:38.160 um not to put to find a point on it but what is a pin what does that acronym stand for 235 00:35:40.560 --> 00:35:44.340 is it personal identification number yes 236 00:35:46.620 --> 00:35:52.680 now this is kind of by the way the sort of opposite end of what I've been saying about 237 00:35:52.680 --> 00:36:02.520 acronyms you can find those that you use so often that you stop thinking about what they mean or 238 00:36:02.520 --> 00:36:09.660 what they're what they stand for with the letter stand for and if that goes on long enough you can 239 00:36:09.660 --> 00:36:18.180 actually forget just an interesting point okay so we're signing into an account we enter a pin we 240 00:36:18.180 --> 00:36:25.500 enter the last four digits of our social security number is that multi-factor Authentication 241 00:36:26.820 --> 00:36:34.740 okay so yes because it is requiring the user to present at least two different credentials 242 00:36:36.240 --> 00:36:44.520 or no because it is not requiring the user to present more than more than two different 243 00:36:44.520 --> 00:36:53.040 credentials or is it yes because it is adding a layer of protection to the Authentication 244 00:36:54.120 --> 00:37:01.440 or Choice number four no because it is not using a combination of different authentication types 245 00:37:02.880 --> 00:37:04.920 okay what do you think 246 00:37:10.320 --> 00:37:16.020 yes first one uh the first one okay anybody else 247 00:37:30.660 --> 00:37:36.840 Morgan uh I I agree with her choice I think that's right I'm sorry I was just reading it 248 00:37:36.840 --> 00:37:45.060 before I said something that's okay so you think it's the first one yeah sir I agree that it's an 249 00:37:45.060 --> 00:37:51.300 example but then I've never the only time I ever think of multi-factor authentication is 250 
00:37:51.300 --> 00:38:01.440 like getting a text or an email or something okay so I'm going back and forth okay um hmm 251 00:38:02.580 --> 00:38:11.280 so let me throw out a few phrases for you to consider um something you are 252 00:38:14.880 --> 00:38:16.860 something you have 253 00:38:19.740 --> 00:38:23.340 or something you know does that help 254 00:38:24.420 --> 00:38:31.980 yeah okay what do we think now is it Choice number one two three or four 255 00:38:36.420 --> 00:38:42.900 and remember something you are something you have something you know 256 00:38:49.440 --> 00:38:52.500 so in the question you're told that you're entering a pin 257 00:38:53.400 --> 00:38:57.300 and the last four digits of your Social Security number 258 00:38:59.880 --> 00:39:01.020 given that information 259 00:39:03.720 --> 00:39:11.040 is this answer going to be a yes or a no in terms of multi-factor Authentication 260 00:39:13.200 --> 00:39:19.800 I still say yes okay so we've got one vote for yes yeah I think yes as well 261 00:39:21.360 --> 00:39:30.960 which is probably not the reaction well this is the fun part right we get to talk about it 262 00:39:31.980 --> 00:39:37.440 okay so Morgan did you have a comment yeah I'm I'm confused now I've been confused I'm 263 00:39:37.440 --> 00:39:44.280 not gonna lie but um so we're multi-factor does it have to like like Seth said on like 264 00:39:44.280 --> 00:39:49.080 text and emails does it have to go to something else or is it okay that you 265 00:39:49.080 --> 00:39:56.580 enter it all like on the same device okay like uh same portal like at the same time 266 00:39:57.300 --> 00:40:09.540 okay so it is less dependent on things like the media or devices and it's much more dependent on 267 00:40:10.140 --> 00:40:18.960 is this are they giving you something you are something you have or something you know 268 00:40:18.960 --> 00:40:25.320 let's talk about a pin number okay and we've all come across this in in various 
applications 269 00:40:25.920 --> 00:40:32.940 um probably one of the more obvious is uh I don't know a credit card pin number or perhaps a debit 270 00:40:32.940 --> 00:40:40.440 card and number and so which category would a PIN number fall into is it something you are 271 00:40:41.400 --> 00:40:47.520 is it something you have or is it something you know something you have okay 272 00:40:50.580 --> 00:40:56.460 so Seth well I've got something you know actually I'm sorry okay I feel like it's a 273 00:40:56.460 --> 00:41:02.580 little bit of both because you you have it and you know it okay I'm guessing I think it is no 274 00:41:03.660 --> 00:41:12.000 okay I had to put into one so let's let's start with that determining which it is because I think 275 00:41:12.000 --> 00:41:19.140 it's pretty clear it's not something that we are but the the confusion seems to be around 276 00:41:19.140 --> 00:41:25.860 is it something you have or is it something you know and you know if you think about it from the 277 00:41:25.860 --> 00:41:33.960 point of view if you when I say pin number if you see your debit card right that kind of makes you 278 00:41:33.960 --> 00:41:46.800 think in your mind that it's something you have okay but you have the credit card right the PIN 279 00:41:47.400 --> 00:41:55.920 is knowledge that you've created in other words I mean most often we choose our own maybe not 280 00:41:55.920 --> 00:42:02.100 initially right if it has to have something they might you know the organization might give 281 00:42:02.100 --> 00:42:07.800 you your pin and go here and remember to change this but a pin is really something we know okay 282 00:42:09.420 --> 00:42:17.460 so is it only something we have if it's tangible yeah okay so what's what is that 283 00:42:21.240 --> 00:42:24.960 so your social security card or your social security number isn't something you have 284 00:42:25.860 --> 00:42:27.660 something you know that's correct 285 00:42:29.940 --> 00:42:36.420 
because they're both knowledge based items so then the answer is no 286 00:42:37.620 --> 00:42:44.280 right so too different so it's easy to understand that it's not something you are 287 00:42:46.500 --> 00:42:51.000 um the difference again is between have and and something you know 288 00:42:54.720 --> 00:43:04.560 okay so these are both something you know so what do you think the correct answer is at this point 289 00:43:07.080 --> 00:43:14.040 the second one the second one second choice says no because it is not requiring the user 290 00:43:14.040 --> 00:43:23.040 to present more than two different credentials oh good well multi-factor really means two or more 291 00:43:26.400 --> 00:43:31.260 but wouldn't it be the last one because it's authentic authentication yeah that's correct 292 00:43:31.260 --> 00:43:38.220 I just reread that I'm so sorry no no that's fine that's fine so that's the real problem 293 00:43:38.220 --> 00:43:44.160 here it's not multi-factor because you're not using different authentication types 294 00:43:44.160 --> 00:43:49.320 they're both the same and they have to be different to be multi-factor 295 00:43:50.100 --> 00:43:53.760 okay good morning all right let's move on 296 00:43:57.300 --> 00:44:04.380 okay so this question involves geotagging which of the following is the best example of geotagging 297 00:44:05.160 --> 00:44:15.420 number one a user takes a photo that gets GPS coordinates embedded into it or number two someone 298 00:44:15.420 --> 00:44:22.860 can locate a person's location in real time by tracking the coordinates of their mobile device 299 00:44:23.640 --> 00:44:30.720 or number three a device that can report its location very accurately while Outdoors 300 00:44:31.440 --> 00:44:39.360 or number four a storefront that can send push notifications when you are driving past it 301 00:44:39.360 --> 00:44:48.300 which of those choices is geotagging uh the first one the first one okay anybody else 302 00:44:53.160 --> 
00:45:00.720 okay so yeah Seth you're correct it is the first one what is the second one an example of 303 00:45:11.640 --> 00:45:22.620 okay so the term we would use for the second one is geolocating okay first one's 304 00:45:22.620 --> 00:45:28.020 geotagging second one is geolocating what about the third one this is pretty common 305 00:45:31.920 --> 00:45:38.880 you're out taking a long hike or trip through the the wilderness 306 00:45:40.020 --> 00:45:41.820 it's a good idea to have one of these 307 00:45:43.200 --> 00:45:52.860 GPS yes this is describing global positioning system okay because a device that can report 308 00:45:52.860 --> 00:45:58.680 its location accurately outdoors is a global positioning device and how about the fourth one 309 00:46:06.540 --> 00:46:17.100 okay so the term here that uh the fourth description is um is for is called geotargeting 310 00:46:17.820 --> 00:46:32.340 okay so geotagging geolocation global positioning and geotargeting all right okay let's move on 311 00:46:41.160 --> 00:46:49.680 premises to cloud companies are starting to shift from using on-premises authorization solutions 312 00:46:50.880 --> 00:47:02.100 to public cloud provider auth services solutions how might the change in processes be depicted 313 00:47:03.780 --> 00:47:09.600 your first choice a company's network that was open to partners suppliers 314 00:47:09.600 --> 00:47:15.060 and customers is now open to a well-defined group of employees 315 00:47:16.680 --> 00:47:24.840 or the administration of accounts and devices change from being decentralized to centralized 316 00:47:25.980 --> 00:47:32.940 or businesses start using full disk encryption with cloud-based virtual machines instead of 317 00:47:32.940 --> 00:47:41.760 an on-premises virtual machines finally many organizations originally used LDAP technologies 318 00:47:43.020 --> 00:47:46.260 but are now using some type of federation technology 319 00:47:48.120 --> 00:47:59.820 okay so the game is 
pretty much the same here um when I take certification exams or any kind 320 00:47:59.820 --> 00:48:05.220 of assessment and especially if it's in this format I usually look for something 321 00:48:05.220 --> 00:48:11.400 that can be eliminated pretty quickly so do you see anything like that here 322 00:48:18.840 --> 00:48:22.320 okay do you think it has anything to do with full disk encryption 323 00:48:24.900 --> 00:48:28.560 as we're kind of talking we're not kind of talking the questions talking about 324 00:48:28.560 --> 00:48:38.640 on-premises authorization versus cloud provider or off-premises 325 00:48:45.780 --> 00:48:55.680 okay so the third answer is the one that jumps out is not really having anything to do with this 326 00:49:01.260 --> 00:49:01.860 okay 327 00:49:03.960 --> 00:49:06.660 so that leaves us with one two or four 328 00:49:15.720 --> 00:49:16.680 okay what do you think 329 00:49:19.500 --> 00:49:20.280 can we 330 00:49:22.740 --> 00:49:25.740 thank you I'm sorry go ahead 331 00:49:28.020 --> 00:49:34.620 does number one need to be eliminated as well okay so company's network that was 332 00:49:34.620 --> 00:49:39.480 open to partners suppliers and customers is now open to a well-defined group of employees 333 00:49:40.620 --> 00:49:45.720 I don't think that really matters because you can do the same thing whether it's on premises 334 00:49:45.720 --> 00:49:53.820 or using cloud providers so good number one can be eliminated that leaves us with two or four 335 00:50:04.380 --> 00:50:14.940 okay so if if if these services are provided on premises so it's two oh sorry well 336 00:50:15.720 --> 00:50:19.980 what I was going to say was if they're provided on premises or off 337 00:50:21.360 --> 00:50:28.260 I mean as far as being a decentralized or a centralized service 338 00:50:31.620 --> 00:50:39.900 it's probably not going to be that right because if it's a centralized service and let's say you 339 00:50:39.900 --> 00:50:52.440 know um 
some type of AAA service on a server okay and you know whether it be TACACS or RADIUS 340 00:50:53.880 --> 00:50:59.220 um if either of the solutions let's say they're centralized okay 341 00:51:01.740 --> 00:51:06.540 would that necessarily change because we went off premises to the cloud 342 00:51:09.720 --> 00:51:17.880 so so that that answer is kind of weak the best answer is the fourth answer and especially when 343 00:51:17.880 --> 00:51:26.040 they start talking about federation technology because these type of services are what we 344 00:51:26.040 --> 00:51:30.960 would call and what the Security Plus exam expects you to know as federated services 345 00:51:31.920 --> 00:51:41.040 and especially when it comes to this this type of authentication and authorization and so the 346 00:51:41.040 --> 00:51:48.360 question is really describing federation services um and specific that generate access tokens 347 00:51:48.360 --> 00:51:55.680 to provide access anywhere across the internet because that's what the cloud services get us okay 348 00:51:57.840 --> 00:51:58.500 all right 349 00:52:10.500 --> 00:52:15.000 all right SNMP version 3 authentication allows 350 00:52:15.000 --> 00:52:21.780 the use of which hashing algorithm below so your choices are MD5 SHA 351 00:52:22.920 --> 00:52:25.080 both a and b or none 352 00:52:26.160 --> 00:52:30.600 this is pretty much a straight up knowledge based question so what do you think 353 00:52:38.580 --> 00:52:45.900 somebody take a guess at it one two three or four three 354 00:52:48.660 --> 00:52:56.340 both are correct okay and again it's almost straight up knowledge base it's 355 00:52:56.340 --> 00:53:02.700 something that you just have to know it can use either MD5 or SHA-1 356 00:53:04.500 --> 00:53:11.220 um it's also probably useful to know that both of those can be brute forced to recover 357 00:53:11.220 --> 00:53:19.980 a clear text password so not exactly the strongest type of security okay