authentication - answering phone

Comments

• zackmax Posts: 61Member ■■□□□□□□□□

  October 2015

  a user cannot install a new and relatively unknown software on their system
  
  application black listing ?
  application white listing ?
  
  
  both of the above answers prevent unauthorized apps from being installed so its confusing.

  0 · Share on Facebook
• tmurphy3100 Posts: 146Member ■■■□□□□□□□

  October 2015

  Application white listing should allow it to be installed. So the answer would be blacklisting.

  2018 Goals: CCNA R&S, CySA+, and VCP6.5

  0 · Share on Facebook
• zackmax Posts: 61Member ■■□□□□□□□□

  October 2015

  tmurphy3100 wrote: »

  Application white listing should allow it to be installed. So the answer would be blacklisting.

  
  Can it not be that under application white listing policy, this application is not present?

  0 · Share on Facebook
• tmurphy3100 Posts: 146Member ■■■□□□□□□□

  October 2015

  then again if it is a relatively new software and there is an implicit deny involved here, the answer could be different. These questions are very vague.

  2018 Goals: CCNA R&S, CySA+, and VCP6.5

  0 · Share on Facebook
• cyberguypr Senior Member Posts: 6,776Mod Mod

  October 2015

  Something you do is a behavior unique to you, more like handwriting dynamics or keystroke rhythm analysis. Calling your phone is something you have and voice is something you are.

  0 · Share on Facebook
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• zackmax Posts: 61Member ■■□□□□□□□□

  October 2015

  cyberguypr wrote: »

  Something you do is a behavior unique to you, more like handwriting dynamics or keystroke rhythm analysis. Calling your phone is something you have and voice is something you are.

  
  Thanks!

  0 · Share on Facebook
• cyberguypr Senior Member Posts: 6,776Mod Mod

  October 2015

  If you are blacklisting you are saying "only blocks these..., allow everything else". Whitelisting says "only allow these... block everything else". Taking the question at face value, the "new and relatively unknown" descriptor means the app would sail through a blacklist but will be blocked by a whitelist.

  0 · Share on Facebook
• OctalDump Posts: 1,722Member

  October 2015

  zackmax wrote: »

  you are called on your mobile phone for voice authentication.
  
  Is this:
  something you have and something you are ?
  something you do and something you are ?
  
  Thanks!

  
  Voice Biometrics over the phone is something that exists. Biometrics are definitely something you are.
  Your mobile phone is something assumed to be something you have. It's a little weaker as a token, because phone numbers can be forwarded away from a specific device. But mobile phones are used as tokens.
  
  The question I would have is how reasonable is it to assume that voice biometrics are in place. It could be that they are calling your mobile phone and asking for a pass phrase (something you know) which isn't analysed for biometrics.
  
  If biometrics are being used, and you are forced to choose between the two answers, then something you are is most reasonable. But in fact all three come into play normally as the biometric system generally uses the same phrase for accurate results and might not prompt.
  
  It's a good "thinking question" but not a good multiple choice exam question.

  2017 Goals - Something Cisco, Something Linux, Agile PM

  0 · Share on Facebook
• OctalDump Posts: 1,722Member

  October 2015

  zackmax wrote: »

  a user cannot install a new and relatively unknown software on their system
  
  application black listing ?
  application white listing ?
  
  both of the above answers prevent unauthorized apps from being installed so its confusing.

  
  On a multi-choice, white listing is the best answer. The implication is that only specific known programs are on the whitelist. This would mean "new" software is not likely to make it on the whitelist.

  2017 Goals - Something Cisco, Something Linux, Agile PM

  0 · Share on Facebook