Video Description

In this section we move on to discussing the TYPE II form of authentication. This type is based around something you have, or viewed another way, something you can touch - if only in a virtual way. Some examples are listed below: - Token devices - Smart cards - Memory cards - Hardware keys - Cryptographic key - Certificates - Cookies We mention that the advantage of TYPE II authentication is that it reduces the vulnerability associated with the password sniffing exploit. The features and differences between memory cards and smart cards are then covered. Finally, and perhaps most interesting, is a discussion of the exploits directed at smart cards, but perhaps the greatest risk with smart cards is vendor-initiated. The integrity of smart card authentication is essentially stripped away when you're asked to simply swipe a chip card. At that point, it reverts back to a plain old electromagnetic memory card thus losing all its advantages over memory cards.

Course Modules

ISC2 CISSP