Topic: SY0-601 topic 1 question 221

The new Chief Information Security Officer at a company has asked the security team to implement stronger user account policies. The new policies require:

*    Users to choose a password unique to their last ten passwords
*    Users to not log in from certain high-risk countries

Which of the following should the security team implement? (Choose two.)

A.
Password complexity
B.
Password history
C.
Geolocation
D.
Geofencing
E.
Geotagging
F.
Password reuse

Re: SY0-601 topic 1 question 221

Password history and Geolocation

  • f9ly
  • New member
  • Offline

Re: SY0-601 topic 1 question 221

Gelocation is not correct because geolocation stands for the location within a company, example: a certain VLAN, ip address range, so on. While geofencing is the correct term in this scenario since it limit the physical area of the authentication, in this example you don't want anyone to be authenticated in a high-risk countries. This is an example of geofencing!

Re: SY0-601 topic 1 question 221

This. Geofencing involves creating virtual boundaries and triggering actions based on the device or user entering or exiting those predefined areas.

Re: SY0-601 topic 1 question 221

The requirements say not able to login to another country( Geolocation allows that), so I go with Geofencing (which would not allow that) which is what the requirement is asking for

Re: SY0-601 topic 1 question 221

If it was a company with location in say the USA, there could be a geofence (perimeter) around it but it would not only stop countries that are high risk but also countries that are not banned and so it'd be too restrictive.

  • Uhec
  • New member
  • Offline

Re: SY0-601 topic 1 question 221

Took my test today and passed Geofencing is not an option on the actual test it is BC

  • BD69
  • New member
  • Offline

Re: SY0-601 topic 1 question 221

I stand corrected. Thanks!

Re: SY0-601 topic 1 question 221

B and C are correct.

Re: SY0-601 topic 1 question 221

From Google
Geolocation uses the IP address, GPS, or Wi-Fi data of a device to determine its approximate location, while geo-fencing creates a virtual boundary around a specific area and triggers an action when a device enters or exits it.

Re: SY0-601 topic 1 question 221

Guys, Sir_Learnalot explains it best. Geolocation is like a technology without a policy in this case. It will tell you where the user is, but then sits there stupidly waiting for you to do something with it. Geofencing USES the geolocation to enforce it's fencing policy. comprende amigo?

  • BD69
  • New member
  • Offline

Re: SY0-601 topic 1 question 221

Geofencing is correct. A geofence is a virtual perimeter for a real-world geographic area. Geolocation does not refer specifically to a security process, though it is meta-data used by geofencing.

  • BD69
  • New member
  • Offline

Re: SY0-601 topic 1 question 221

ignore this - geofencing is not on some of the exam answers, so it must be wrong

Re: SY0-601 topic 1 question 221

For the Geolocation/Geofencing beef:
Geofencing can be used to create a virtual fence or
geographic boundary, outlining the company’s property. Geolocation is used
to identify the location of an object, such as a mobile device. Geofencing
will use geolocation to determine when a mobile device is within a
geographic boundary, but geolocation without geofencing won’t detect if a
user is on the company’s property.
That's all the info i got from a course that i have.

Re: SY0-601 topic 1 question 221

Password history and Geofencing

Re: SY0-601 topic 1 question 221

BC - Because Geotagging means embedding of the geolocation coordinates into a piece of data (i.e., a photo). Geolocation refers to the location of the user.

Re: SY0-601 topic 1 question 221

B. Password history
C. Geolocation

To implement the specified user account policies, the security team should consider the following:

B. Password history: This policy ensures that users cannot choose a password that they have used in the past. Users will be required to choose a password unique to their last ten passwords. This is typically managed through the password history setting.

C. Geolocation: This policy involves restricting user logins based on the geographical location of the login attempt. Users are not allowed to log in from certain high-risk countries. This can be implemented using geolocation or geofencing mechanisms.

Re: SY0-601 topic 1 question 221

I choose BC because geolocation allows you to set where a user is able to log in from geographically so you can ban all the risky countries and allow access from non risky countries. Geofencing would only allow you to access the network if you are within the perimeters of the "fence". I would assume if you need to do work in a non risky country geofencing would not be the appropriate solution. Thoughts?

Re: SY0-601 topic 1 question 221

BC - Geolocation determines a device's approximate location using GPS, Wi-Fi, or IP address. Geofencing creates a virtual boundary around a specific area and triggers an action when a device enters or exits it.

Re: SY0-601 topic 1 question 221

password history
geolocation.

It's not geofencing.
geofencing uses geolocation.

- MFA
"somewhere you are" is an authentication attribute.
It uses gelocation to identify the user's location.
When "somewhere you are" is a factor used in MFA, geolocation is the most common method used technology used to identify a user's location.

- Context Aware authentication
geolocation is one of the elements that can be used in context aware authentication

Re: SY0-601 topic 1 question 221

From the CompTIA Study Guide:
geofencing: The practice of creating a virtual boundary based on real-world geography

Re: SY0-601 topic 1 question 221

IP-based Geolocation is the mapping of an IP address or MAC address to the real-world geographic location of an Internet-connected computing or a mobile device. Geolocation involves mapping IP addresses to the country, region (city), latitude/longitude, ISP, and domain name among other useful things. So if an Employee/End User Logs in with a Corporate device while on Holiday/Vacation within a High-risk Country. Geolocation Can Alert an Infosec Team of this Behavior. Geofencing involves creating virtual boundaries or geographic zones in a specific area or location.

Re: SY0-601 topic 1 question 221

Geofencing is not typically used to restrict access from entire countries, it can be employed to restrict access from certain regions or locations within a country. Geofencing is often used for more granular access control, such as defining specific areas within a city or campus where access is controlled based on geographic boundaries.

Geofencing is more about creating virtual boundaries within a specific geographic area and triggering actions when users or devices enter or exit those boundaries. Geolocation, on the other hand, focuses on determining the geographic location of an IP address and can be used for broader access control decisions, making it a suitable method for restricting access at the country or regional level.

Re: SY0-601 topic 1 question 221

This is correct

Re: SY0-601 topic 1 question 221

Geolocation uses the IP address, GPS, or Wi-Fi data of a device to determine its approximate location.

Geo-fencing creates a virtual boundary around a specific area and triggers an action when a device enters or exits it.