I took some time off from this and thought I would be fine to go through the questions I didn’t know and sort of work my way through them. I found that when I got to the part where I didn’t review all of my wrong answers, shockingly, I still didn’t know the right answer, so now I have roughly 50 slides that I need to blog. I was kind of feeling tired of going through them, but after realizing I probably needed to in order to pass I seem to have regained my muster to go through them. Going through a bunch of questions and getting them wrong is discouraging, and somehow that proves to be a motivator to do a better job, as I would actually like to have this cert for a myriad of reasons. Who knows, it isn’t TV, and having a lot of certs at the top of a resume seems to be helpful in my case. I’m not saying that’s always the truth or that you have to have them to know what you’re doing, but they sure don’t hurt. The gym is going pretty good, but I did sort of start smoking again. So I need to keep up motivation on that. I started playing WoW some too. I seriously miss it, but it can be a huge time sink. I guess it’s all about balance. Anyway, I feel like 5 is maybe too few, so I’ll do like 5 sets of 10 for this go round and then finish out the final 80% of the 250 questions that I missed, then go through the ones I missed out of that set again, then the entire 250 and see where I am at, and possibly at that point go through all 700 questions again and hope to be in the mid 90s and then attempt to take the test. I’m feeling like I might fail this one the first go round, which is a little scary, but I’ll pass it eventually. Honestly, it’s constant work keeping up with certs, as after this one I’d like to do another but I’m not sure what. Was thinking the CySA+ but maybe not. Anyway, let’s get into it.
I find these hella confusing for some reason, and I also find myself wondering what file system uses these, because if you talk to a Windows system admin about this they are going to have no idea what you’re talking about and ask who needs permissions to what and if they all work together.
- RBAC – In computer systems security, role-based access control or role-based security is an approach to restricting system access to authorized users.
- MAC – In computer security, mandatory access control refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target.
- ABAC – Attribute-based access control, also known as policy-based access control, defines an access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together.
- DAC – In computer security, discretionary access control is a type of access control defined by the Trusted Computer System Evaluation Criteria “as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong.”
Maybe if I look at enough questions and answers this will make sense, because the question does have a compound component to it, which does actually make sense for being ABAC. However, the differences between DAC and RBAC seem like the same thing.
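As an added example (not from the original post), here is one constructed request decided under all four models above; the point is who gets to set the rule: the object's owner (DAC), the system's labels (MAC), an admin's role table (RBAC), or a policy over attributes (ABAC). All users, labels and the environment flag are made-up sample data.

```python
from dataclasses import dataclass, field

@dataclass
class Doc:
    """Constructed sample object: an owner-managed ACL (DAC) plus labels (MAC/ABAC)."""
    owner: str
    acl: dict = field(default_factory=dict)  # DAC: {user: {"read", "write"}} set by the owner
    classification: str = "internal"         # MAC/ABAC: label assigned by the system
    department: str = "finance"              # ABAC: object attribute

# Constructed sample subjects; "clearance" doubles as the MAC label.
USER_ATTRS = {"alice": {"dept": "finance", "clearance": 2},
              "bob": {"dept": "hr", "clearance": 1}}
LEVEL = {"public": 0, "internal": 1, "confidential": 2}

# DAC: the object's owner decides; the owner can always access and can grant others.
def dac_allowed(user, perm, obj):
    return user == obj.owner or perm in obj.acl.get(user, set())

# MAC: the system enforces labels the owner cannot change (simplified
# Bell-LaPadula confidentiality rules: no read up, no write down).
def mac_allowed(user, perm, obj):
    clearance, level = USER_ATTRS[user]["clearance"], LEVEL[obj.classification]
    return clearance >= level if perm == "read" else clearance <= level

# RBAC: admins map users to roles and roles to permissions; the object itself
# and its owner play no part in the decision.
ROLE_PERMS = {"analyst": {"read"}, "editor": {"read", "write"}}
USER_ROLES = {"alice": {"editor"}, "bob": {"analyst"}}

def rbac_allowed(user, perm):
    return any(perm in ROLE_PERMS.get(r, set()) for r in USER_ROLES.get(user, set()))

# ABAC: one policy combines subject, object and environment attributes
# (here: same department, enough clearance, and writes only from the corp network).
def abac_allowed(user, perm, obj, env):
    u = USER_ATTRS[user]
    return (u["dept"] == obj.department
            and u["clearance"] >= LEVEL[obj.classification]
            and (perm == "read" or env.get("on_corp_network", False)))

if __name__ == "__main__":
    doc = Doc(owner="alice", acl={"bob": {"read"}}, classification="confidential")
    for user in USER_ATTRS:
        for perm in ("read", "write"):
            print(user, perm, "DAC", dac_allowed(user, perm, doc),
                  "MAC", mac_allowed(user, perm, doc),
                  "RBAC", rbac_allowed(user, perm),
                  "ABAC", abac_allowed(user, perm, doc, {"on_corp_network": False}))
```

Note that bob gets read under DAC only because alice chose to grant it, while MAC denies it regardless of her wishes; RBAC never looks at the document at all.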
You know, looking at this one and realizing that I don’t understand certificates that well makes me think that I should group them into categories to stay consistent. This would require a significant amount of admin overhead; however, I might keep a running count of what posts are where. Anyway, this one seems like “I’m not really sure what kind of research I can do with it,” but for me there are still some missing pieces. Like I really don’t have this thing nailed down of how encryption and authentication protocols work together? It seems like it should be really obvious, but somehow I’m still confused. Like SFTP encrypts both authentication information and transmitted information, but obviously it’s not what you’re using to log in with. You use Kerberos to authenticate, and the question clearly says ‘data in transit’ implying an encryption protocol, and here I’ve selected an authentication protocol, clearly indicating I don’t know the difference between the two. Perhaps as I go through these types of authentication and encryption questions I should note if it’s authentication or encryption and possibly note what type of encryption works with what encryption. I think over time I’ll understand this, but IMO this is the trickiest part of this exam. So, I’m going to make a list of links to these and read about them again. My favorite part is combining the hash functions with the encryption types. woooh boy. This is fun…
- S/MIME – S/MIME functionality is built into the majority of modern email software and interoperates between them. Since it is built on CMS, S/MIME can also hold an advanced electronic signature. S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity, non-repudiation of origin (using digital signatures), privacy and data security (using encryption). S/MIME specifies the MIME type application/pkcs7-mime (smime-type “enveloped-data”) for data enveloping (encrypting), where the whole (prepared) MIME entity to be enveloped is encrypted and packed into an object which subsequently is inserted into an application/pkcs7-mime MIME entity.
- TLS – Transport Layer Security and its now-deprecated predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Several versions of the protocols find widespread use in applications such as web browsing, email, instant messaging, and voice over IP (VoIP). Websites can use TLS to secure all communications between their servers and web browsers.
- SFTP – loops back to SSH and nowhere is PKI mentioned haha
- SAML – Security Assertion Markup Language is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions. Used with SSO but has nothing really to do with encryption? Teaching myself this stuff gets confusing
This is the most amount of reading I have spent on a single subject in a while haha
I’m not really sure what a sponsored guest account is and to be frank, I’m not going to look it up as I understand the idea of it being a short term account that gets cycled out.
The answer appears to be totally random, as I have no idea what Spim is. The obvious choice for me is Impersonation, as they are pretending to be the HD; however, the combo of vishing and impersonation I would accept.
- Vishing – is the telephone equivalent of phishing. It is described as the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft.
- Impersonation – The social engineer “impersonates” or plays the role of someone you are likely to trust or obey convincingly enough to fool you into allowing access to your office, to information, or to your information systems.
- Scareware – malware tactic that manipulates users into believing they need to download or buy malicious, sometimes useless, software. Most often initiated using a pop-up ad, scareware uses social engineering to take advantage of a user’s fear, coaxing them into installing fake anti-virus software.
Again, kind of a grey area, but honestly how do you vish without pretending to be a reliable source?
I’m not entirely sure I understand the question outside of realizing it’s been issued to an IP, but I think the problem is with understanding the answer choices. So I’m going to get into those.
- OCSP – Internet protocol used for obtaining the revocation status of an X.509 digital certificate
- OID – an identifier mechanism standardized by the International Telecommunications Union (ITU) and ISO/IEC for naming any object, concept, or “thing” with a globally unambiguous persistent name
- PEM – is a de facto file format for storing and sending cryptographic keys, certificates, and other data, based on a set of 1993 IETF standards defining “privacy-enhanced mail.”
- SAN – an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called Subject Alternative Names (SANs). Names include
The first choice is the best thing to check. However, how you check with a CRL is another process.
I have gone over these a million times and should honestly probably make myself flash cards at this point, as I’m still unclear on the subtleties; however, ABAC stands for access based account control.
Ok, I did an unusual amount of reading for this. Usually at this point in my cert studies I can spend about 5 mins on something and get a grasp on it; however, with access controls and encryption, authentication and hashing (which seems like it should be encryption but it isn’t) things get a little muddy. That said, I am actually trying to learn the material, so it’s worth it to invest in an actual understanding. So I guess what I’m getting at is that my brain is full for the day and I should rest in spite of my goal to get many more than 10 questions done haha.