Good luck!

Let me know how it goes man I take mine in three weeks

Good luck!

@@zeevibeztv I will!

Good Luck brodie!!

Did you pass?

I had one 😂

Isn't that where passwords would come in? Sure they have the device, but if they don't have an account or someone else's account details, they can't log in. That's also where Two Factor Authentication would come in, requiring maybe a password and access to a phone or email to verify Authentication.

Also, if that company is able to know that that specifi device is missing, they could possibly remote wipe the device. Yet, I believe that the two factor method should be able to stop a potential bad guy from infiltrating a company network.

You definitely would not want to just give everyone an admin account. 1, Not every person needs every permission. They should only have the permissions required to to their job. 2, Having every single person share the same account is a gross violation of any non-repudiation countermeasures. Non-Repudiation means we can verify who did what. If 100 people share one admin account, and taht admin account deletes an important file, for example, we cannot know for sure who deleted that file.

if everyone shares the same account it would be hard to tell who did what. If someone orders the wrong items, how would you tell who it was? Another reason not do have one admin account is that if someone gains unauthorised access to it, they basically hold the master key to everything.

Unless they use the same account at different times, so you could know that, between 9am to 5pm, it had to be person A, you can't really tell who did what otherwise.

I mean your idea of condensing down access is correct, but just implemented in the wrong area. What if one of the users with the admin access becomes disgruntled and decides to sabotage the data? We need to track any breaches, errors, or data leaks to those users so we dont want to limit our data coming from them and their devices. So, instead we put in a authorization model like prof. Messer explains to condense down authorization roles to the hundreds, or thousands of users in the work environment. That way we can track exactly who attempted to access what data, and also so those users who are authorized can access all the data from the companies internal servers. Its a bridge of authentication, authorization, and the accounting part is for security officials to monitor and patch the bridge :)

@@jakeforaker7859 thank you this helped alot !