Security+ Certification/Access Control

From Wikibooks, open books for an open world

3.1 Identify and apply industry best practices for access control methods

  • Implicit deny
  • Least privilege
  • Separation of duties
  • Job rotation

3.2 Explain common access control models and the differences between each

  • MAC
  • DAC
  • Role & Rule based access control

3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges

3.4 Apply appropriate security controls to file and print resources

3.5 Compare and implement logical access control methods

  • ACL
  • Group policies
  • Password policy
  • Domain password policy
  • User names and passwords
  • Time of day restrictions
  • Account expiration
  • Logical tokens

3.6 Summarize the various authentication models and identify the components of each

  • One, two and three-factor authentication
  • Single sign-on

3.7 Deploy various authentication models and identify the components of each

  • Biometric reader
  • RADIUS (Remote Authentication Dial In User Service)
  • RAS (Remote Access Services)
  • LDAP (Lightweight Directory Access Protocol)
  • Remote access policies
  • Remote authentication
  • VPN (Virtual Private Network)
  • Kerberos
  • CHAP (Challenge-Handshake Authentication Protocol)
  • PAP (Push Access Protocol)
  • Mutual
  • 802.1x
  • TACACS (Terminal Access Controller Access-Control System)

3.8 Explain the difference between identification and authentication (identity proofing)

3.9 Explain and apply physical access security methods

  • Physical access logs/lists
  • Hardware locks
  • Physical access control -- ID badges
  • Door access systems
  • Man-trap
  • Physical tokens
  • Video surveillance -- camera types and positioning