3.2 Authentication, Authorization, and Accounting Part 2
2 hours 22 minutes
hello and I would like to enthusiastically welcoming you back to the side Berries Empty. A 98 3 67 security Fundamentals Certification Prep course
As a reminder.
This is a continuation of marginal to and margin number two to its title authentication, authorization and accounting.
With that Man said, Let's take a look at the objectives will be coming three objectives of this particular market because we covered the previous two in a previous video. In this particular model, we're discussing understanding, encryption,
understanding, protocol security. And that's been on certainly so which understanding audit policies.
So let's first of all, take a look at a pre assessment question here
and the course of this title.
What is the process of converting data into a format that cannot be read by another user? Is it a encryption?
Is it be locking?
Is it? See Keone or D registering?
If you say let the encryption, you're absolutely correct, because encryption is the process of converting down into a format that cannot be read by another user. At the file's encrypted is automatic remains and cripple. One stored on a disc decryption is a process again off, converting down from encrypted format back to his original format.
Now we have an anti if S card stands for a new technology. Foul system is a standard file system for winners. Anti operate systems is used for retrieving the storm files on your hard disk. What happened with anti vest induce a number of enhancements, including innovative data structure that increase performance, improved mega data
added expansions like security, access, control,
reliability, space, unionization and file system General. In the other words and new technology found system replace the operating OS two high performance file system.
So this next green shot we're taking a look again at NT F s permissions. Now, in anyone's network, you can set sharing permission for drives for your boulders on that network. Each user can choose the share entire drive or individual full of within the network. And if s permissions are available to drive for medic with the aunt, if s
now we look at Intervest permissions, we have several different missions. Again, we have explicit permission with your permissions that are set by default.
Then here permissions offer mission that are given to an object.
So then we have effective permissions. If you want to find out what permissions the user group has on an object you can use what we call effective permission to and what that does for you essentially calcalist permissions that a granted to a specific user group. So again, we These are two ways of types of a mission of this place. A commission.
Inherit it. And then we also effective commission
permissions, in other words,
and that brings us to sharing drives in Fuller's. Now where do you think of my intent, permission and anyone who's network you can set sharing permission for drives and folders again in a network. We can also implore what we call Universal naming convention what that is. It's simply a way of identifying the sheriff found in the computer
without having to specify
or know the stories devices on. So again, obviously this what we actually see happen. And so the illustrators on this slide here, this is called a universal, again naming convention.
Now, getting to the part where we tell my share in the foal all your news located for you on this year,
right? Click it with your mouth to share with, and then you select the specific people then you're gonna have a sheriff and what we call the share impound it will appear with the option to share it with other users on the computer or your home network. I don't wear Alm Group. Other words. After making her selection, you get shared so again, basically
far. Sharon is a practice of sharing our offering access to digital information or re sources, including documents, multimedia
audio, video graphics, computer program images and so forth That brings us to encryption. Encryption is a process. Converting data to a unrecognizable are encrypted form. It is commonly used protect sensitive information so they end. So only authorized parties can view it.
This includes foul stores, advices well, as data transfer over wireless networks
as well. Ask the Internet. You can encrypt a file folder or entire bar views. What we're using, what we call file encryption utility such as again, GNP, you
or Ex script. So these are some of the different ones have listed
force public key infrastructure again. It allows users of the again of the Internet and other public networks to engage in what we call secure communication that exchange and money exchange. This is done through public and private photography key pairs provided again by a certification authority.
Now the different types of systems in the peak air your private and public key systems. Ah, were you thinking about symmetric use the same key to encrypt it? Well, it's decrypt asymmetric again. You have a public as well as a private key. And that's that. One of the great reason by the advantage of this enhancements,
because you're not using the same key because of yet
and some metric use the same Keating cripples with decrypt. That could be a security issue.
Then we think about digital certificates, not death certificates. What? No, they did their indicate the weapon credentials off the center and lets the recipient
oven encrypting medicine. Know that the data is from a trusted source is and who claims to be one a disgrace if it issued by a certification authority. Your digital certificates are used with Seth signatures and message encryption. Digital certificates are also known as public key certificates or
enter the entity of what we call
Now, these are different forms. Encryption again, as the sale is a standard security protocol,
you have S s s certificates again as well,
which is necessary create will call SSL connections. We also have begin to secure a multipurpose again in the mail distinctions of standard for public key encryption or signing again
what we call multi purpose in that mail extensions. We also have pretty good, or PGP, which again is a basis used for encrypting and equipment, digital files and communicating over the Internet. It was released with the Bass O Matic Symmetric Key, our algorithm, but were later replaced again by the international data
encryption again algorithm.
We also have another thing called encrypted Faustus. But E f s get basically on Microsoft Windows is a feature introduce inversion three point off int if s what it does. Provide foul system level encryption the technology they will file to be transparently encrypted to protect confidential information of attack with physical access to the computer
bit lock again is a full encryption and feature included with your Microsoft Windows version. Starting with your Windows Vista is designed to protect data by provided encryption for your entire volume.
We also have again virtual private network again, which is a private a network that is built over a public infrastructure are worse. You realize I'm VP and new lives for a unsecure infrastructure which, being your INTERNET, it so get that allows you to be 1/2 in encryption, and as a result, it mitigates the possibility of men and middle attacks
become too auditing
again, given access to use this against getting that have been authenticated. So again, you wanna have a way of being able to and sure dead that that's completely secure. One way to do that. Do what we call auditing process is
so what you do in a beauty enable artist so you can have a record player. Uses other words of advice you record in the majors. Who logged on what time? Obviously,
that could be very calm. Very important, particularly. We have a situation where they have to be some type of breach. You It would be to go back and figure out where that actually started at through a process called Artemis. This actually screenshot here show that Artemis is a systematic an independent examination of books, accounts,
statutory records, documents and vouches of organization
to ascertain high for the financial statement how far the finance team, as well as none financial, is going to present a true and Fairview so basic autumn is a great way to ensure that you have article particularly. You have someone coming into an audience first thing. Actually, if they happen to be a breach, let me see art it long. Have you been on it? And then that could be a big issue.
We also have sis law, which give is a way for network devices. Sin events message to a what we call it a large and server using. Known as a cyst log server, The six log protocol is supported by a wide range of devices that can be used to long, different types of events. Now this brings us to assessment course. In the course is follow.
Where's an electric document? It contains that person
organization name, a serial number, expiration, a copy of the certificate holder, Public key used for encrypted messages and to create digital signatures and the signatures of the certificates authority that assigned a distinctive so that the Pacific can verify the scientific Israel. Is it a digital certificate? B. P. D. A.
See smartphone or
If you should let the district if you after correct because It's an electric document. Contains a person's organization, name, a serial number, expiration date and so forth. That brings us to review question here now doing. Of course, it's a particular course of instruction. Again, we discuss again understanding user authentication.
We discuss the encryption process.
We also learn about again decryption.
We talked about some metric encryption, basically utilizing two keys to encrypt as well as decrypt. And at when we turn our attention toward asymmetric, that means losing to a public as well. It's a private key.
So the Andes some of the topics discussed doing this particular module.