WEBVTT

1
00:00:00.000 --> 00:00:01.180
[Music]

2
00:00:26.580 --> 00:00:31.320
the topic for this evening is part two of authentication

3
00:00:31.320 --> 00:00:34.080
controls and let's start with the first question

4
00:00:37.500 --> 00:00:43.980
Password Authentication Protocol which of the following is true regarding PAP

5
00:00:47.580 --> 00:00:50.040
okay several responses in the chat

6
00:00:52.740 --> 00:00:59.160
and they're all looks like it looks like they're all for response C it relies on

7
00:00:59.160 --> 00:01:06.420
plain text password exchange and yes as we discussed in the first part it absolutely does

8
00:01:08.040 --> 00:01:13.440
um it was developed as a means of authenticating users over a remote link

9
00:01:14.340 --> 00:01:25.860
hmm possibly but not the best answer it guards against replay attacks no and response

10
00:01:25.860 --> 00:01:31.080
D it is an encrypted tunnel that passes a password from one port to another it is not

11
00:01:32.040 --> 00:01:39.780
in fact it is very weak and because of its use of plain text okay let's go on to the next question

12
00:01:44.040 --> 00:01:52.080
proposed method a lead developer at apple technology has proposed an authentication

13
00:01:52.080 --> 00:01:59.220
mechanism to implement in their new smart watches instead of using a fingerprint scanner

14
00:01:59.220 --> 00:02:07.200
the idea of this authentication mechanism is for the smart watch to recognize if the user

15
00:02:07.200 --> 00:02:15.540
is allowed or not solely by their distinctive walking movements what type of authentication

16
00:02:15.540 --> 00:02:21.540
method is this developer proposing okay we already have lots of responses here

17
00:02:24.300 --> 00:02:29.280
and they are perceived and that's that is correct gait analysis

18
00:02:30.720 --> 00:02:42.180
um somebody's gait refers to how they walk so that one was I think pretty easy um it is obviously not

19
00:02:42.180 --> 00:02:51.780
involved with any kind of swiping patterns or RFID or biometrics although gait analysis

20
00:02:53.160 --> 00:03:04.320
your gait I suppose could be considered biometric but the best answer here is gait analysis okay

21
00:03:10.020 --> 00:03:10.920
next question

22
00:03:13.500 --> 00:03:22.260
Security Assertion Markup Language tokens possess what kind of data after being granted access

23
00:03:24.300 --> 00:03:29.100
let's look at the responses and put your choice in the chat

24
00:03:34.320 --> 00:03:36.300
okay let's see what you're thinking

25
00:03:38.520 --> 00:03:47.160
so we have a vote for C B and A kind of hitting all around it

26
00:03:48.540 --> 00:03:58.680
so the correct choice here is D response D claim data Security Assertion Markup Language is an XML

27
00:03:58.680 --> 00:04:05.640
standard designed to allow systems to exchange authentication and authorization information

28
00:04:06.780 --> 00:04:14.940
this is often used with identity federation and claims-based authentication so claim data is the

29
00:04:14.940 --> 00:04:25.980
correct answer biometric data is incorrect PKC data this is response B public key cryptography

30
00:04:26.760 --> 00:04:33.300
that's a cryptographic algorithm and crypto system component implemented

31
00:04:33.300 --> 00:04:41.700
widely PKC facilitates confidentiality data integrity authentication and non-repudiation

32
00:04:42.540 --> 00:04:50.100
it's also a digital signature algorithm component and used to authenticate a private key verifiable

33
00:04:50.100 --> 00:04:58.020
by anyone with authorized public key access and of course we're talking about validating

34
00:04:58.020 --> 00:05:07.320
messages between origin and sender okay plain text data no we were talking about

35
00:05:07.320 --> 00:05:18.480
Security Assertion Markup Language plain text is incorrect okay let's go on to the next question

36
00:05:26.460 --> 00:05:35.340
SNMP version 3 hashing algorithm SNMP v3 authentication allows the

37
00:05:35.340 --> 00:05:45.120
use of which hashing algorithm below your choices are MD5 hashing SHA

38
00:05:46.560 --> 00:05:51.840
options A and B being correct or D none of the options are correct

39
00:05:55.980 --> 00:05:59.100
okay so we have some responses coming in

40
00:06:01.620 --> 00:06:03.540
and let's see what you're thinking

41
00:06:05.400 --> 00:06:09.780
today's favorite choice a vote for D a vote for A a vote for C

42
00:06:11.580 --> 00:06:21.000
and in fact the correct answer is choice C options A and B are correct so MD5

43
00:06:21.840 --> 00:06:34.200
secure hash algorithm these are both used by SNMP version three um if you need greater security

44
00:06:35.220 --> 00:06:45.660
then you can use Data Encryption Standard okay so D is incorrect and either A or B

45
00:06:45.660 --> 00:06:52.680
by themselves is incorrect options A and B all right let's move to the next question

46
00:07:01.440 --> 00:07:12.480
okay which of the following is not true regarding SNMP version 3 take a moment look at the response

47
00:07:13.800 --> 00:07:15.060
and make your choice

48
00:07:19.680 --> 00:07:24.660
okay so we have a single response okay there's another one let's get a few more

49
00:07:30.900 --> 00:07:41.340
okay let's see what everybody's thinking we have votes for C choice C and choice C

50
00:07:41.340 --> 00:07:52.740
SNMP version 3 is a network traffic monitoring is the correct choice this is one of those not type

51
00:07:52.740 --> 00:08:06.060
question which of the following is not true both A and B are true indeed okay so what is it about

52
00:08:09.540 --> 00:08:12.900
choice C that makes it the correct answer

53
00:08:16.980 --> 00:08:29.220
okay so Simple Network Management Protocol is a protocol used in network monitoring

54
00:08:30.300 --> 00:08:39.540
but this response says network traffic monitor and that tends to lead more to

55
00:08:40.740 --> 00:08:52.980
um LAN analyzers packet sniffers okay so it's it's too specific and it's describing something

56
00:08:52.980 --> 00:09:04.740
that is more associated closely associated with packet sniffing okay SNMP 3 is a network monitor

57
00:09:06.780 --> 00:09:10.680
okay let's move to the next question

58
00:09:20.340 --> 00:09:31.260
SSH passphrase once the sys admin configured the Linux file server to allow SSH key based

59
00:09:31.260 --> 00:09:39.360
authentication some users began complaining that their client machines are asking them

60
00:09:39.360 --> 00:09:47.700
for a passphrase when logging in using key based authentication what is most likely the problem

61
00:09:49.920 --> 00:09:54.600
okay read the responses carefully and then make your choice in the chat

62
00:09:59.760 --> 00:10:02.940
okay so we've got some responses coming in

63
00:10:09.120 --> 00:10:16.020
as you look at the responses think about one that you can fairly quickly eliminate

64
00:10:25.380 --> 00:10:28.440
okay so there must be a lot of thinking going on out there

65
00:10:29.880 --> 00:10:34.380
let's see what we have in the chat we have a vote for B

66
00:10:37.140 --> 00:10:47.760
okay and not another you can eliminate D okay one of the responses that sticks out is

67
00:10:47.760 --> 00:10:55.800
is wrong in my mind is response C the SSH client used the wrong SSH client options

68
00:10:56.640 --> 00:11:05.280
so if you're using the ssh-keygen okay which is a command line utility

69
00:11:06.720 --> 00:11:13.500
and you look at some of the parameters like dash t the type of key to create

70
00:11:13.500 --> 00:11:26.880
or dash C to put a comment um really this is kind of a silly answer okay so an option

71
00:11:28.620 --> 00:11:35.640
perhaps if misused can lead to unexpected behavior but typically

72
00:11:36.540 --> 00:11:42.780
it's not going to be a reliable answer certainly not a good answer um

73
00:11:45.060 --> 00:11:55.320
so the correct answer here is response A the SSH public slash private key pair was likely

74
00:11:55.320 --> 00:12:07.200
generated using a passphrase by the client okay so if you do that you're going to get prompted if

75
00:12:07.200 --> 00:12:13.920
you don't if you leave it blank then you're not going to get prom get prompted for a passphrase

76
00:12:14.520 --> 00:12:24.660
okay um the SSH server's private key did not match the user's private key now someone said

77
00:12:25.260 --> 00:12:34.980
um eliminate D and that's also a good one to eliminate so I would say that's responses C and D

78
00:12:35.640 --> 00:12:43.140
were the ones that could most easily be eliminated what's what's the what's wrong with response D

79
00:12:46.500 --> 00:12:49.200
is a server going to contain the private key

80
00:12:53.760 --> 00:13:04.020
can't mismatch so the user maintains their private key servers typically have the public key

81
00:13:07.080 --> 00:13:14.100
okay this SSH server was likely configured by the sysadmin to require passphrases and no

82
00:13:17.880 --> 00:13:26.340
okay all right so again public private key pair was likely generated using a passphrase

83
00:13:27.000 --> 00:13:32.340
that's what we'll do it okay let's move on to the next question

84
00:13:40.860 --> 00:13:47.460
SSH public and private keys your organization's network administrator

85
00:13:48.360 --> 00:13:56.280
is configuring a Linux server's SSH authentication to allow key based authentication

86
00:13:57.540 --> 00:14:03.420
this setup requires that the private key is blank and the public key is blank

87
00:14:12.300 --> 00:14:22.200
okay what do you think you just kind of touched on this in the last question hey

88
00:14:24.360 --> 00:14:28.740
so we have some responses coming in and

89
00:14:32.040 --> 00:14:42.360
okay responses for C mainly and one per game so the correct response is C okay the private key

90
00:14:42.360 --> 00:14:52.260
is kept with the user and the public key is on the Linux server okay and this makes sense and

91
00:14:52.260 --> 00:15:03.720
this is how it works okay so private key kept with the user public user no private key kept

92
00:15:03.720 --> 00:15:11.340
with the Linux host public key kept with the Linux host no and choice D kept with the Linux host

93
00:15:16.620 --> 00:15:24.540
so correct answer is choice C the private key is kept with the user the public key is on the server

94
00:15:25.500 --> 00:15:32.940
see we have sent to image see okay right all right let's move to the next question

95
00:15:38.160 --> 00:15:44.700
this one involves security policy a user logs into their account from their home computer in

96
00:15:44.700 --> 00:15:51.780
California one hour later a login attempt is made from their personal laptop in Virginia

97
00:15:52.620 --> 00:15:59.580
but it is denied an alert is sent to the system administrator and the account is disabled

98
00:16:00.240 --> 00:16:07.200
what security policy is most likely being utilized in this situation okay

99
00:16:10.380 --> 00:16:12.660
okay we have a couple of responses

100
00:16:14.700 --> 00:16:21.420
again when you're looking at this try to think about which responses can be eliminated

101
00:16:22.500 --> 00:16:25.200
or which don't make sense

102
00:16:30.060 --> 00:16:32.700
it's always helpful when you can narrow down your choices

103
00:16:38.820 --> 00:16:39.320
okay

104
00:16:41.280 --> 00:16:45.000
so it looks like we're holding it two responses let's see where we are

105
00:16:45.540 --> 00:16:52.920
both votes for D impossible travel time policy is the correct answer

106
00:16:54.120 --> 00:17:04.140
time of day policy restricts access to certain resources to the time of day okay now what's

107
00:17:04.140 --> 00:17:10.020
obviously strange about this is that there's a three hour time difference between Virginia and

108
00:17:10.020 --> 00:17:20.400
California so if one hour later a login attempt is made from Virginia right that doesn't make sense

109
00:17:22.080 --> 00:17:29.640
firewall policy that is not really a reasonable option uh response

110
00:17:30.900 --> 00:17:37.920
um location-based policy is a security policy that restricts access to certain

111
00:17:37.920 --> 00:17:46.800
resources based on the location of the user and so as an example a company may restrict

112
00:17:46.800 --> 00:17:55.080
access to files or applications based on the network location of a user okay

113
00:17:56.820 --> 00:18:04.020
um the main benefit of setting up location-based policies is to avoid data leakage

114
00:18:04.020 --> 00:18:12.840
once you have defined trusted network locations no one can access resources from different say

115
00:18:12.840 --> 00:18:21.120
network location or device okay impossible travel time policy is the best and correct answer here

116
00:18:22.680 --> 00:18:26.640
okay all right let's go on to the next

117
00:18:31.680 --> 00:18:41.040
smart key and key fob okay so 50 chance here of getting this correct using a smart card

118
00:18:41.760 --> 00:18:49.020
and key fob counts as multi-factor authentication is this a true statement or a false statement

119
00:18:54.780 --> 00:18:59.760
okay I'm going to wait till we get enough responses in the chat and

120
00:19:00.540 --> 00:19:05.880
we've got a few okay all right let's see what everyone's thinking

121
00:19:09.420 --> 00:19:17.040
okay so it looks like yeah everybody's thinking false okay yeah so this is false

122
00:19:18.180 --> 00:19:25.500
um smart cards and key fobs well you tell me why is it false

123
00:19:29.460 --> 00:19:36.180
something you have correct they are both something you have and that does not count

124
00:19:36.180 --> 00:19:43.140
as multi-factor authentication so very good everyone okay let's go on to the next question

125
00:19:48.300 --> 00:19:56.880
something you do all of the following is true regarding the authentication attribute

126
00:19:57.600 --> 00:20:01.500
something you do except which of the following

127
00:20:06.480 --> 00:20:08.700
okay so one of these responses

128
00:20:10.320 --> 00:20:16.140
is not true regarding the authentication attributes something you do

129
00:20:29.580 --> 00:20:33.720
a we've got responses coming in let's see what everyone's thinking

130
00:20:36.780 --> 00:20:40.320
okay so C B and D

131
00:20:45.960 --> 00:21:00.000
okay so is a user's typing speed and or a pattern of user inputs is that something you do

132
00:21:03.300 --> 00:21:06.180
yes yes okay

133
00:21:09.720 --> 00:21:15.180
this method is subject to higher error rates is that a true statement

134
00:21:17.340 --> 00:21:21.060
I think so okay may ask why

135
00:21:24.120 --> 00:21:32.580
why do you think that prayer I don't know I I'm thinking practically so if if typing

136
00:21:32.580 --> 00:21:42.360
speed and pattern is like something you do that can change yes it can yeah because as humans we

137
00:21:42.360 --> 00:21:48.600
you know that can change based on emotion based on physical based on so many different things so

138
00:21:49.440 --> 00:21:57.960
yeah it can sure when you're in a hurry you know your typing speed may be faster if they're just

139
00:21:57.960 --> 00:22:04.740
trying to get something done and get out of it so yes the point very much is that things can change

140
00:22:05.340 --> 00:22:13.740
response C how one holds their smartphone I mean that that's almost silly because

141
00:22:13.740 --> 00:22:20.580
there's so many different ways right okay yes human error too many factors absolutely

142
00:22:21.180 --> 00:22:30.600
so the best choice of all of these here is response D this factor is practical to use

143
00:22:30.600 --> 00:22:39.720
as a primary way of authentication and it's not because something you do with the way we do things

144
00:22:39.720 --> 00:22:48.480
is subject to change for many many different reasons so it's just not reliable okay very good

145
00:22:52.620 --> 00:23:03.720
okay next question type of model the blank model is used to allocate labels to objects

146
00:23:03.720 --> 00:23:14.820
and subjects for access control clearances okay take a look at these and let's see what you think

147
00:23:21.540 --> 00:23:29.400
okay let's see what everyone's thinking indeed yep very good we touched on this in part one

148
00:23:30.660 --> 00:23:37.620
um that this is more uh related to mandatory access control and again

149
00:23:39.120 --> 00:23:47.040
um the text that she will be receiving makes a point of mentioning this

150
00:23:47.040 --> 00:23:54.300
so not discretionary access control um discretionary access control

151
00:23:55.080 --> 00:24:03.660
uses what you might call access control entities the other term you're going to hear is

152
00:24:04.800 --> 00:24:17.460
um DACL discretionary access control list okay um and one of the more common examples of that is

153
00:24:19.020 --> 00:24:31.200
um as a particular user and even on your own system you can right click on a resource on your

154
00:24:31.200 --> 00:24:39.240
computer and bring up the properties dialog on a Windows system and then you can actually see you

155
00:24:39.240 --> 00:24:48.780
know in the I believe it's the security tab who has access to one so system administrator your

156
00:24:48.780 --> 00:24:56.220
user account which may be an administrator account as well and that's a common example

157
00:24:56.820 --> 00:25:08.940
for discretionary access using an access control list okay we've talked about role-based um and

158
00:25:08.940 --> 00:25:16.740
attribute based and neither of those is correct so mandatory access control is the correct response

159
00:25:19.020 --> 00:25:21.960
okay and let's move to the next question

160
00:25:28.680 --> 00:25:35.400
okay type of restriction what type of authentication restriction would

161
00:25:35.400 --> 00:25:45.720
allow an employee to log into an internet facing employee web portal from the U.S but not cremation

162
00:25:48.480 --> 00:25:52.560
which type of authentication restriction okay

163
00:25:56.640 --> 00:26:03.240
yeah we got lots of responses on this one because

164
00:26:03.240 --> 00:26:11.340
it's pretty obvious we're talking about geolocation restrictions okay all right

165
00:26:16.980 --> 00:26:20.040
okay and the last question

166
00:26:23.220 --> 00:26:33.720
type of security control a museum already has security guards and security cameras near their

167
00:26:33.720 --> 00:26:41.220
exhibit and they just recently upgraded their security controls by installing light fixtures

168
00:26:41.220 --> 00:26:48.900
that point to the exhibit and towards the crowd which type of security control is this

169
00:26:53.400 --> 00:26:58.740
okay quite a few responses in the chat let's see what you're thinking

170
00:27:04.080 --> 00:27:16.380
and we have votes for C looks like the majority for C which is deterrent and this is the correct

171
00:27:16.380 --> 00:27:24.960
choice for this question um detective controls are security measures implemented by an organization

172
00:27:25.740 --> 00:27:36.720
to detect unauthorized activity um or some type of security incident in general and send alerts to

173
00:27:36.720 --> 00:27:47.280
concerned individuals um would that also include like unauthorized access yes so for example

174
00:27:48.660 --> 00:27:56.520
um I mean actually there are several examples so one of those could be the activation of say a door

175
00:27:56.520 --> 00:28:06.240
alarm okay which is physical control right because if you don't have authorization to open the door

176
00:28:06.240 --> 00:28:13.920
then right you don't have what it takes and we're going to hear an alarm um the implementation of

177
00:28:13.920 --> 00:28:19.980
an intrusion detection system okay that one's kind of obvious and that's a technical control

178
00:28:21.540 --> 00:28:37.200
um if you're doing an an audit um an internal audit and um you find that a user has

179
00:28:38.580 --> 00:28:46.980
um excessive access rights for example so there's another type which is an administrative control

180
00:28:47.640 --> 00:28:57.060
so those are detective controls compensating security controls um first of all vary

181
00:28:57.060 --> 00:29:07.140
widely and and they vary based upon um what a particular need is being met so you know based

182
00:29:07.140 --> 00:29:17.340
on the organization's needs and in particular um and one of those uh could be um if you um

183
00:29:19.440 --> 00:29:30.840
if there's an attack okay and let's say that you know data was destroyed okay so um using a good

184
00:29:30.840 --> 00:29:38.400
back backup a good backup after an attack that deleted the data that would be an example of a

185
00:29:38.400 --> 00:29:46.200
compensating control and then operational security controls are primary primarily

186
00:29:46.200 --> 00:29:54.240
implemented and executed by people as opposed to systems okay um they're typically put in place

187
00:29:54.240 --> 00:30:00.840
to improve the security of a particular system or group of systems and supplement the security

188
00:30:00.840 --> 00:30:08.640
of an organization uh in a manner which in which both physical and technical elements are utilized

189
00:30:10.140 --> 00:30:19.560
um let's see so operational security controls include for example an overarching security policy

190
00:30:20.880 --> 00:30:27.060
um uh certainly acceptable use policy or security awareness training policy and these

191
00:30:27.060 --> 00:30:36.540
are examples of operational controls but in the question the correct answer is C deterrent okay

192
00:30:39.000 --> 00:30:44.160
all right and that finishes up authentication controls topic area