Welcome to Cybrary's video series on the CompTIA Security+ 501 certification and exam. I'm your instructor, Ron Woerner. Please visit cybrary.it for more information about the Security+ and other certifications.
The fourth domain of the Security+ exam is all about identity and access management, or IAM. Identity and access management is the security principle that defines the proper authentication, authorization and access to resources for users.

Section 4.1 requires you to compare and contrast identity and access management concepts. It is necessary to understand the process and function of access control, including identification, authentication, authorization and auditing, or IAAA. This part focuses on the four main principles of identity and access management: IAM concepts, selecting appropriate identity and access service solutions, implementing identity and access management controls and following account management best practices.
In this video we'll cover logical access controls, defining the terms IAAA, multi-factor authentication, federation and federated identity, single sign-on and transitive trust.
Let's start by defining some of the terms: identification and authentication. Identification is that first step where you're providing your identity, something to show who you are. It's where the subject provides identification information unique to that subject. So my user ID, my account number, all should be unique, as I'm providing an identity, say, to a website, or even physically: a driver's license or passport is an identity. The second step is authentication, proving my identity, verifying the identification information. For example: passphrases, passwords, PINs, fingerprints, smart cards, all methods for authentication. We'll cover this topic in a little more detail in just a few minutes.
A couple of other terms you need to be familiar with associated with IAM: authorization and auditing. Authorization: what you're allowed to see or do. It's your permissions. What permissions do you have on the system? It's determining the operations a subject may perform on an object. Then there's auditing, or accounting. This is reactionary. This is the tracking of who does what, when, where, how on the system, a record of events normally captured in logs. Be familiar with the definitions of each of these terms as we move forward with this section.
There are many methods to prove your identity, to authenticate yourself. On the screen you see five factors. First, something you know, such as your PIN or password. Second, something you have, you own, like a smart card, a token identification device, a driver's license, for example, or even your smartphone. Third, something you are, such as fingerprints, eyes, et cetera. It could also be something you do: the action you take to complete authentication, how fast you type, how fast or slow you walk. Also part of biometrics. The last factor you need to be familiar with is the geographic location, where you are. If you're normally signing in from a certain location, that could be considered a factor. Keep all of these in mind for the next section.
When you use only one of those factors, it's called single-factor authentication, SFA. Traditionally, it's a password. But even now, with many phones, where you're just using your fingerprint, that's single-factor authentication. It's best to combine factors. The more factors you bring together, the stronger the security, and that's called multi-factor authentication, or MFA. You may also see this referred to as TFA, or two-factor authentication, where you're using two of those factors when you're proving your identity. By the way, the factors should not be of the same category. So, for example, two passwords is not considered multi-factor authentication because it's both something you know. Then there's mutual authentication, where each party authenticates the other. Like I could authenticate a website by using their certificate. They authenticate me with my user ID and password. That's mutual authentication.
Many of you are familiar with biometrics, or type three authentication, something you are. It's your fingerprints, face, voice. All can be used to prove your identity. A challenge with biometrics, though, is the potential for error. For example, the three terms you see on your screen; you should be familiar with these for the Security+ exam. FAR, false acceptance rate: when the system accepts someone, an intruder, who should be rejected. False rejection rate: when the system rejects an authorized user. We've all seen this. When these come together, when they match, it's known as the crossover error rate. The image on the screen shows an example. It's a metric for comparing biometric systems. So if you're wondering which one works better, check out the crossover error rate, CER. Be familiar with these biometric error terms. You might see a question on this on the Security+ exam.
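The following is an added worked example, not part of the lecture or its slides, showing how FAR, FRR and the crossover error rate come out of a matcher's decision threshold. The match scores are constructed sample data, and the accept-if-score-at-or-above-threshold rule is an assumption made for the illustration; the point is that the CER is the error level at the threshold where FAR and FRR meet, and the system with the lower CER is the better one.

```python
"""Worked example: FAR, FRR and the crossover error rate (CER) of a biometric matcher."""

# Constructed sample match scores on a 0-100 scale; higher means "looks more like the
# enrolled user". These are illustrative numbers, not measurements from a real system.
GENUINE_SCORES = [60, 65, 70, 72, 75, 78, 80, 85, 88, 90]          # legitimate user attempts
IMPOSTOR_SCORES = [20, 30, 40, 45, 50, 55, 62, 68, 71, 82]         # other people's attempts
BETTER_IMPOSTOR_SCORES = [10, 15, 20, 25, 30, 35, 40, 45, 50, 64]  # a matcher that separates better


def far(impostor_scores, threshold):
    """False acceptance rate: share of impostor attempts the system lets in.
    Assumed decision rule: accept when score >= threshold."""
    return sum(1 for s in impostor_scores if s >= threshold) / len(impostor_scores)


def frr(genuine_scores, threshold):
    """False rejection rate: share of legitimate attempts the system turns away."""
    return sum(1 for s in genuine_scores if s < threshold) / len(genuine_scores)


def crossover_error_rate(genuine_scores, impostor_scores, thresholds=range(0, 101)):
    """Sweep the decision threshold and return (threshold, far, frr, cer) at the first
    threshold where FAR and FRR are closest. CER is their common value there (their mean
    if the discrete sweep never lands on an exact match)."""
    best = None
    for t in thresholds:
        a, r = far(impostor_scores, t), frr(genuine_scores, t)
        if best is None or abs(a - r) < abs(best[1] - best[2]):
            best = (t, a, r)
    t, a, r = best
    return t, a, r, (a + r) / 2


def better_system(systems):
    """Given {name: (genuine_scores, impostor_scores)}, name the system with the lowest CER."""
    return min(systems, key=lambda name: crossover_error_rate(*systems[name])[3])


if __name__ == "__main__":
    # Raising the threshold lowers FAR and raises FRR; the CER is where the two curves cross.
    print("threshold  FAR   FRR")
    for t in range(55, 76, 5):
        print(f"{t:>9}  {far(IMPOSTOR_SCORES, t):.2f}  {frr(GENUINE_SCORES, t):.2f}")
    t, a, r, cer = crossover_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES)
    print(f"system A: CER {cer:.2f} at threshold {t} (FAR {a:.2f}, FRR {r:.2f})")
    t2, _, _, cer2 = crossover_error_rate(GENUINE_SCORES, BETTER_IMPOSTOR_SCORES)
    print(f"system B: CER {cer2:.2f} at threshold {t2}")
    print("better system:", better_system({
        "A": (GENUINE_SCORES, IMPOSTOR_SCORES),
        "B": (GENUINE_SCORES, BETTER_IMPOSTOR_SCORES),
    }))
```

Running the sweep shows the trade-off the lecture describes: a low threshold lets intruders in (high FAR), a high one locks out real users (high FRR), and the CER summarises the matcher in one number so two systems can be compared regardless of where each operator sets the threshold.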
Another common term you may see is federated identity, or federation. For example, you want to just sign in once and gain access to multiple resources in and outside of your organization. That's federated identity: the means of linking a person's electronic identity and attributes stored across multiple distinct identity management systems, taking you and your privileges outside of your own organization and leveraging those within others. So the other organizations federate your identity from your employer, for example. Common places you'll see this is with Google, Facebook, Amazon and Microsoft. You log in using your Google ID, and it's federated out to many other resources.

An associated term is single sign-on, or SSO, which allows the user to authenticate one time and then access a multitude of resources in and out of their organization without needing to re-authenticate. It's not the same as password synchronization. Sometimes, not a synchronized sign-on, your password is the same across multiple systems. That's where you log in once and get access to many sites and resources. The risk there, though, is that if someone finds out your user ID and password to log in to your SSO, they are you across all the systems where you have permissions or authorization to access. It may also be a single point of failure. If that SSO site goes down, it'll be challenging for you to access those other resources. We're seeing this more and more across the Internet, so be familiar with this term.
Keep in mind the transitive principle you may have learned in school, where one party, A, trusts another party, B. B then trusts C, so therefore a relationship can exist between A and C. This is seen in all versions of Active Directory. The default is that all domains in a forest trust each other with two-way transitive trust relationships. We can also see a potential risk, with A trusting C because they also trust B.
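As an added example (not part of the lecture), the script below models the A-trusts-B, B-trusts-C chain as a small forest and works out which domains end up trusting each other once the trusts are transitive. The domain names and the extra one-way, non-transitive trust to a partner domain are hypothetical, constructed to show where a transitive chain extends trust (the A-to-C risk the lecture describes) and where a non-transitive trust stops it, which goes a step beyond the two-way forest trusts the lecture mentions.

```python
"""Worked example: effective trust between domains once trust relationships are transitive."""
from collections import deque

# Constructed forest: a root domain with two child domains. Each parent/child trust in a
# forest is two-way and transitive, so it appears as two edges with transitive=True.
# The last entry is a hypothetical one-way, non-transitive trust to a partner's domain,
# included to show where transitivity stops. Edges are (trusting, trusted, transitive).
TRUSTS = [
    ("corp.example", "sales.corp.example", True),
    ("sales.corp.example", "corp.example", True),
    ("corp.example", "eng.corp.example", True),
    ("eng.corp.example", "corp.example", True),
    ("sales.corp.example", "partner.example", False),
]


def trusted_by(domain, trusts=TRUSTS):
    """Return the set of domains whose users `domain` will accept.
    A direct trust always counts; a longer path counts only if every hop on it is transitive."""
    trusted = set()
    transitive_reach = set()   # domains reached along an all-transitive path (can be extended)
    queue = deque()
    for trusting, target, transitive in trusts:
        if trusting == domain:
            trusted.add(target)
            if transitive and target not in transitive_reach:
                transitive_reach.add(target)
                queue.append(target)
    while queue:
        via = queue.popleft()   # extend the chain only through transitive trusts
        for trusting, target, transitive in trusts:
            if (trusting == via and transitive
                    and target != domain and target not in transitive_reach):
                transitive_reach.add(target)
                trusted.add(target)
                queue.append(target)
    return trusted


def implied_trusts(trusts=TRUSTS):
    """Return the (trusting, trusted) pairs that exist only because of transitivity,
    i.e. the A-trusts-C relationships nobody configured directly."""
    domains = {d for edge in trusts for d in edge[:2]}
    direct = {(a, b) for a, b, _ in trusts}
    return {(d, t) for d in domains for t in trusted_by(d, trusts) if (d, t) not in direct}


if __name__ == "__main__":
    for d in sorted({d for edge in TRUSTS for d in edge[:2]}):
        print(f"{d} trusts: {sorted(trusted_by(d))}")
    print("implied by transitivity:", sorted(implied_trusts()))
```

The output shows the lecture's point in concrete terms: eng.corp.example and sales.corp.example never configured a trust with each other, yet each accepts the other's users through the root, while the non-transitive partner trust reaches sales.corp.example only and is not passed on to the rest of the forest.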
This concludes the lecture portion of section 4.1, comparing and contrasting identity and access management concepts. Let's practice on a sample quiz question. Which of the following is a term used whenever two or more parties authenticate each other? The answer is B, mutual authentication. Refer to the definition mentioned earlier.
There's also a lab associated with federated identity that you may want to consider doing to help cement the ideas we've covered in this section. Active Directory Federation Services, or ADFS, is a Microsoft technology that provides identity federation that uses claims-based authentication. A claim is basically a statement regarding a user, such as the username, email address, along with other attributes that identify the user to the application and the resource being requested. In this lab, you walk through a domain and how to establish federated services.

In this video I covered section 4.1, comparing and contrasting identity and access management concepts. Please see your study material for more information on this section.