When used alone, any authentication technique provides some security for systems. However, they each have their own drawbacks. Learn how the solution to this problem is to combine authentication techniques from multiple factors, such as combining something you know with something you have. This approach is known as multi-factor authentication.
- [Instructor] In the last video,…you learned how computer systems…offer many different authentication techniques…that allow users to prove their identity.…These include something you know such as a password,…something you are such as a fingerprint,…and something you have such as a smartphone.…When used alone, any one of these techniques…provide some security for systems.…However, they each have their own drawbacks.…For example, an attacker might steal a user's password…through a phishing attack.…
Once they have the password,…they can then use it to assume the user's identity.…Other authentication factors aren't fool proof either.…If you use smart card authentication…to implement something you have,…the user may lose the smart card.…Someone coming across it may then impersonate the user.…The solution to this problem…is to combine authentication techniques…from multiple factors…such as combining something you know…with something you have.…This approach is known as multifactor authentication.…
Take the two techniques that we just discussed,…
You can sign up for Mike's free study group at certmike.com, and find his study guides at the Sybex test prep site. To review the complete CISSP Body of Knowledge, visit https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A complete learning path will be available once all the courses are released.
- Identity and access management overview
- Identification mechanisms: user names, access cards, biometrics, and registration
- Authentication factors
- Password authentication protocols
- Identity as a service (IDaaS)
- Enforcing accountability
- Managing credentials with policies
- Using access control lists
- Defending against access control attacks
Skill Level Advanced
1. Identity and Access Management
5. Credential Management
7. Access Control Attacks
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.