CISSP PRACTICE QUESTIONS – 20211108

Effective CISSP Questions

You are implementing networks per the Zero Trust principles. Which of the following authentication mechanisms will happen earliest? (Wentz QOTD)
A. Authentication based on RESTful API
B. Mutual authentication based on X.509 certificates
C. Single Packet Authorization (SPA) based on HOTP
D. Network access control based on 802.1X

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Network access control based on 802.1X.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

The ISO OSI Reference Model

Zero Trust principles entail fine-grained authentication, which involves various layers of authentication.

Before accessing any resources, a client must first connect to the network (physical and data link layers). Network access control based on 802.1X is also known as EAP over LAN (EAPoL), in which an authenticator (a switch or access point) validates the identities of wired or wireless clients (supplicants).

Single Packet Authorization (SPA) based on HOTP is typically implemented using UDP, a protocol at the transport layer. HOTP employs HMAC (hash-based message authentication code) to enforce authenticity.

Mutual authentication based on X.509 certificates and authentication based on RESTful APIs both take place at the application layer.
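To make the SPA option concrete, the following added example (not from the original post or Wentz's book) computes an RFC 4226 HOTP value with HMAC and checks it the way a listener would after receiving a single UDP datagram. The `client_id:otp` payload layout, the `SpaGate` class and the look-ahead window of 3 are assumptions for illustration; real SPA packets carry more fields.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # low nibble of last byte picks the window
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class SpaGate:
    """Hypothetical SPA listener state: one shared secret and next counter per client."""

    def __init__(self, clients, window=3):
        self.clients = dict(clients)             # client_id -> [secret, next_counter]
        self.window = window                     # tolerated counter drift (lost datagrams)

    def verify(self, payload: bytes) -> bool:
        """Decide whether one datagram payload authorizes its sender.

        The caller sends no reply on failure, so the service stays silent to scanners.
        """
        try:
            client_id, otp = payload.decode("ascii").split(":", 1)
        except (UnicodeDecodeError, ValueError):
            return False                         # malformed packet: drop silently
        entry = self.clients.get(client_id)
        if entry is None:
            return False
        secret, counter = entry
        for c in range(counter, counter + self.window + 1):
            if hmac.compare_digest(hotp(secret, c), otp):
                entry[1] = c + 1                 # advance counter so the OTP cannot be replayed
                return True
        return False


if __name__ == "__main__":
    # Constructed sample data: the RFC 4226 Appendix D test secret and a made-up client id.
    gate = SpaGate({"alice": [b"12345678901234567890", 0]})
    for pkt in (b"alice:755224", b"alice:755224", b"alice:359152", b"bob:755224"):
        print(pkt, "->", "open" if gate.verify(pkt) else "drop")
```

The second packet is dropped because the counter has already advanced, which is what makes a captured SPA packet useless to replay.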





