Group Details Private
Monthly and Annual Subscribers
Non-RBAC vs. DAC... Let's see:
Yes, Non-RBAC is a grant directly to the user, instead of based on a role.
Yes, DAC does allow for assignment to a user, but could also allow for assignment based on a role or a group, if the owner was so inclined, and they existed in the directory service, or the local machine where the resource was homed.
Also, keep in mind that as I define DAC in the episode:
Discretionary Access Control (DAC) - placed on data by the owner of the data. The owner determines who has access to the data and what privileges they have. The data owner has the power to determine who can (and cannot) access the data based on the business requirements and constraints affecting the owner. While the owner never has the ability to ignore, or contradict the organization’s access control policies, he or she has the ability to interpret those policies to fit the specific needs of his or her system and his or her users.
In other words, Non-RBAC is the absence of a role based assignment, while DAC could involve the use of a role based or group or individual user based assignment.
Hope that helps to clarify.
I'm synthesizing, not memorizing and trying to stay "a mile wide and inch deep" as my focus. With that being said... what's the difference between Non-RBAC and DAC? You said "instead of having roles, we simply go to a direct grant to the user so it's bypassing the concept of roles." Thought being, on the exam they describe does not offer centrally managed roles and users can directly modify the ACL.... how do you know if that's DAC or Non-RBAC? (sorry, I've had a lot of time to study these past two days). Hopefully I'm staying a mile wide and inch deep on this one.
Difficult answer, but yes and no.
The service Value system refers to Service Management as entirety within an organisation (including project management).
The Service Value Chain is generic to an organisation and lays out all of the processes and activities required to deliver services (so just a specific portion of the Service Value System referring to activities).
A Service Value Stream starts with a business / customer outcome and then details all of the practices (processes, capabilities, and resources) required just facilitate the co-creation of that outcome.
Each Service Value Stream will be unique to the specific outcome and will pull elements from the Service Value Chain. Each Stream may use different elements from the Chain, but of course the Stream contains much more than just the activities found in the Chain.
Does that make sense?
@Adam-Gordon That was exactly what I was looking for!!! Thanks! And you've actually highlighted one of my major concerns with the exam. Radius with TLS does use TCP. But another thing you've pointed out is that you can't make assumptions about the environment and choice A didn't specify TLS. I happen to catch that one, but really concerned I'll get hung up on that kind of thing on the exam.
Well played !!
I like the thought process and the scenario.
If you were to come across a question such as the one you are proposing, let's discuss two possible ways it might play out:
- Company A wants to implement a remote authentication solution and they are in a Windows environment, which of the following should they consider?" Choose all that apply
You would want to choose A, B and D. All three are capable of working in a Windows environment.
Same question, almost, but much more devious:
- Company A wants to implement a remote authentication solution that uses
TCPand they are in a Windows environment, which of the following should they consider?" Choose all that apply
You would want to choose B and D. Radius uses UDP, not TCP.
I would be more concerned about a question like #2, then I would about a question like #1. The thing you often hear me say as well is that the exam is Vendor Agnostic. This would mean, in this case, that Question #1 is really using Windows as the key pivot point for the question, which is not normally done, as opposed to Question #2, which tries to distract you with Windows, but really is using the TCP protocol as the pivot to decide what is right, and what is wrong.
Trust the guidance I give you, study as I suggest, be smart and critical in your assessment of your strengths and weaknesses and you will succeed.
I have heard and appreciate your constant reminders of "mile wide and inch deep". I also like your "yes, you are expected to know that, yes, you need to memorize it" because more often than not, I've already thought "they don't expect me to memorize this do they?!" It's kept me from going down an implementation level of detail many of times. I tried applying the mile high concept on this and was thinking if I was asked Company A wants to implement a remote authentication solution and they are in a Windows environment, which of the following should they consider?"