Hello Wes Sir,
In an episode of the CompTIA Security+ series, you talk about protocols like FIDO U2F, FIDO 2, UAF, and CTAP but don't really explain each and every one of them by saying it is some vocab dump. I just wanted to confirm, for the exam, what am I expected to know about them?
Thanks.
-
Doubt in some protocols.
-
I would recommend a being familiar with them.
Here is information for FIDO and FIDO2:
https://doubleoctopus.com/security-wiki/protocol/fast-identity-online/#Here is documentation from the FIDO Alliance SIG for UAF:
https://fidoalliance.org/specs/fido-uaf-v1.1-id-20170202/fido-uaf-overview-v1.1-id-20170202.html
Finally, here is CTAP:
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.htmlBest Regards,
Wes BryanKnowledge is a road to be traveled upon, not a destination to be reached~~
-
@wes-bryan Thank you so much, sir, I will take a look!
-
@Atharva-Bet, I wanted to add context for you for FIDO and FIDO2. When I am in the Microsoft Azure platform and configuring authentication methods for the users, you can see that FIDO2 is an option:
Note* - You can set a FIDO2 Security Key, Microsoft Authenticator, SMS message and more.
If you look that the USE FOR: section, you will see this is for:
- Sign in
- Strong authentication
This is a password-less implementation to increase the resiliency of authentication to password-based issues.
Little more context for you!
Best Regards,
Wes BryanKnowledge is a road to be traveled upon, not a destination to be reached~~
-
@wes-bryan Thank you so much, Sir, this was very helpful. Extremely appreciate it that every time you promptly clear my doubts up so well. You have really been a very important person in my cybersecurity journey (and also other edutainers like Ronnie Sir & Adam Sir & Dan Sir). I always look up to you guys as mentors and I am grateful for that!!
I wish to aim and achieve high in the cybersecurity world and make my mentors proud
