1 00:00:00,600 --> 00:00:02,320 Transitive attacks. 2 00:00:02,320 --> 00:00:04,990 Transitive attacks aren't really an actual type of attack 3 00:00:04,990 --> 00:00:06,940 but more of a conceptual method. 4 00:00:06,940 --> 00:00:08,810 It gets its name from the Transitive Property 5 00:00:08,810 --> 00:00:10,490 we learned back in mathematics. 6 00:00:10,490 --> 00:00:12,550 Essentially, the Transitive Property says 7 00:00:12,550 --> 00:00:14,870 that if A equals B and B equals C, 8 00:00:14,870 --> 00:00:17,690 then by all logic, A also equals C. 9 00:00:17,690 --> 00:00:19,370 Now, when it comes to Security+, 10 00:00:19,370 --> 00:00:21,360 and they talk about the idea of a transitive attack, 11 00:00:21,360 --> 00:00:23,710 they're really focusing on the idea of trust. 12 00:00:23,710 --> 00:00:25,790 If one network trusts a second network 13 00:00:25,790 --> 00:00:28,010 and that second network trusts a third network, 14 00:00:28,010 --> 00:00:30,740 then that first network really trusts the third network, 15 00:00:30,740 --> 00:00:31,780 and so, if an attacker can get 16 00:00:31,780 --> 00:00:33,470 into any one of those three networks, 17 00:00:33,470 --> 00:00:35,740 he can then get into the other two, as well. 18 00:00:35,740 --> 00:00:38,050 This is based on that transitive trust. 19 00:00:38,050 --> 00:00:40,150 This is really important in the world of security 20 00:00:40,150 --> 00:00:41,500 because whoever you trust, 21 00:00:41,500 --> 00:00:43,100 you're also trusting everyone else 22 00:00:43,100 --> 00:00:44,560 that they've ever trusted. 23 00:00:44,560 --> 00:00:46,790 Whenever you connect your network to somebody else's network 24 00:00:46,790 --> 00:00:48,330 using a trust relationship, 25 00:00:48,330 --> 00:00:50,170 you're inherently assuming all of the risk 26 00:00:50,170 --> 00:00:51,660 of their security posture 27 00:00:51,660 --> 00:00:53,470 or the lack of their security posture, 28 00:00:53,470 --> 00:00:55,920 in addition to your own security posture. 29 00:00:55,920 --> 00:00:57,750 Now, often in large enterprise networks, 30 00:00:57,750 --> 00:00:59,550 we reuse trust relationships 31 00:00:59,550 --> 00:01:01,190 between different domain controllers 32 00:01:01,190 --> 00:01:03,120 because this helps us minimize the amount of times 33 00:01:03,120 --> 00:01:04,700 that someone has to authenticate 34 00:01:04,700 --> 00:01:06,540 over and over for a resource, 35 00:01:06,540 --> 00:01:09,170 but remember, whenever you sacrifice security 36 00:01:09,170 --> 00:01:11,880 in order to afford yourself better or quicker operations, 37 00:01:11,880 --> 00:01:13,740 there is a risk associated with it. 38 00:01:13,740 --> 00:01:15,520 So, if your organization wishes 39 00:01:15,520 --> 00:01:17,570 to maintain a strong security posture, 40 00:01:17,570 --> 00:01:19,640 your systems should not assume trust 41 00:01:19,640 --> 00:01:21,910 but instead, should question and re-question 42 00:01:21,910 --> 00:01:26,410 every device and network that it wishes to connect to.