Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our authorization module. Before a subject can access an object we must first identify the subject. This is typically done when a user presents their user name. We then must authenticate the individual. This is commonly accomplished with a password. And then we must determine whether or not the individual is authorized to access whatever resource they're attempting to access.
Authentication is the process where we look at a subject's credentials and verify that they are valid, and determine that they have the right to access the system. Authorization is the process where we determine, based on an access control list, whether the individual has permissions to access an object or not.
If they do have permission to access the object, we must determine what type of permission they have. For example, do they only have read privileges, or do they have read and write privileges? There are several different characteristics we can use to determine access. We can use a clearance level, such as whether the person holds a top secret clearance or a secret clearance.
We can use the concept of need to know, where we do not provide any data to individuals unless they absolutely need to know that information. We can also use least privilege, and with least privilege we will provide subjects with the least amount of privileges in order for them to accomplish their job, and nothing more.
And we will always use the default of no access, meaning that if the individual does not have permission to access an object, they will automatically be denied. On this slide, we have an example of an access control list commonly used with a router. Here, the router knows that subnet A is permitted to access subnet B, subnet D cannot access subnet A, and subnet B is permitted to access subnet A.
All other requests will be automatically denied. Looking at the graphic at the bottom, we can see that subnet A is permitted to access subnet B, subnet B successfully accesses subnet A, but when subnet D attempts to access subnet A, that is denied, because there is a rule in place that tells us that subnet D is not permitted to access subnet A.
We can also see that subnet D attempts to access subnet B, and that request is denied. Even though the access control list does not explicitly say that subnet D is not permitted to access subnet B, it states that any type of communication not listed in the access control list is to be denied.
So, therefore, that traffic is blocked. This concludes our authorization module. Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!