[Cisspstudy] Authentication

Hernan Muraro Hernan.Muraro at bancogalicia.com.ar
Wed Jun 24 14:24:20 EDT 2009 

gracias Sergio por tu respuesta. coincido con tu apreciación.






Sergio Pantoja <spantoja at gmail.com> 
Enviado por: cisspstudy-bounces at cccure.org
24/06/2009 03:00 p.m.
Por favor, responda a
The CISSP Study Mailing list <cisspstudy at cccure.org>


Para
The CISSP Study Mailing list <cisspstudy at cccure.org>
cc

Asunto
Re: [Cisspstudy] Authentication






I'm not sure about this question.

Taking the key "individual/person"

- UserID + Password can be anybody with my credential, so doesn't 
authenticate my "individual/person"
- SmartCard + PIN can be anybody with my smartcard (and the PIN writting 
down in the back of the smartcard :)), so doesn't authenticate my 
"individual/person"
- Two-Factor Authentication is a combination of 2 factors of 
authentication, which can include biometric
- Biometric the person is who is claiming to be, in this case me.

At first reading my answer would be "C"

But giving in a second thought, Two-Factor authentication can or can't 
include Biometrics (in fact the second alternative is an Two-Factor 
Authentication), with this in mind the best way to authenticate an 
"individual/person" is Biometric.

Uff now i have headache


2009/6/24 Hernan Muraro <Hernan.Muraro at bancogalicia.com.ar>


This is pure interpretation, in my view the correct answer is biometry, as 
the question suggests the person is not authenticated and a better method 
that is more robust, is what I understand, I do not know if it is at all 
correct. 

Greetings





Nicolas Rotta <nicolasrotta at gmail.com> 
Enviado por: cisspstudy-bounces at cccure.org 
24/06/2009 12:15 p.m. 


Por favor, responda a
The CISSP Study Mailing list <cisspstudy at cccure.org>


Para
The CISSP Study Mailing list <cisspstudy at cccure.org> 
cc

Asunto
[Cisspstudy] Authentication








I am pretty sure this question is incorrect. I've answer c. What about 
keyboard dynamics biometric? It is not very good. Two-factor 
authentication could include biometrics.

Question: 1381 | Difficulty: 5/5 | Relevancy: 3/3
How can an individual/person best be authenticated?

    a  UserId and password
    b  Smart card and PIN code
    c  Two-factor authentication
    d ?Biometrics


Nicolas Rotta_______________________________________________

cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

EN BANCO GALICIA CUIDAMOS EL MEDIO AMBIENTE, QUE ES RESPONSABILIDAD DE 
TODOS.

Este mensaje y sus anexos son confidenciales y de uso exclusivo de las 
personas a las que está dirigido. En caso de que Ud. recibiera este correo 
por error no podrá modificar, copiar o distribuir parte o la totalidad del 
mismo; asimismo le solicitamos que tenga a bien eliminarlo de su sistema .
El emisor no acepta responsabilidades por errores u omisiones en el 
contenido de este correo dado que internet no garantiza la seguridad e 
integridad de las comunicaciones.
Las opiniones vertidas en este correo son exclusivas de su autor y no 
representan la opinión del Banco Galicia.

_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org




-- 
Sergio Pantoja H.
spantoja at gmail.com
System, Network and Security Administrator
Linux User register #239475
Mandrake Club Member_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


EN BANCO GALICIA CUIDAMOS EL MEDIO AMBIENTE, QUE ES RESPONSABILIDAD DE TODOS.

Este mensaje y sus anexos son confidenciales y de uso exclusivo de las personas a las que está dirigido. En caso de que Ud. recibiera este correo por error no podrá modificar, copiar o distribuir parte o la totalidad del mismo; asimismo le solicitamos que tenga a bien eliminarlo de su sistema .
El emisor no acepta responsabilidades por errores u omisiones en el contenido de este correo dado que internet no garantiza la seguridad e integridad de las comunicaciones.
Las opiniones vertidas en este correo son exclusivas de su autor y no representan la opinión del Banco Galicia.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090624/d70ae02f/attachment.html>

More information about the cisspstudy mailing list