From Wikibooks, open books for an open world
< Security+ Certification
This page may need to be
reviewed for quality.
[edit] 3.1 Identify and apply industry best practices for access control methods
- Implicit deny
- Least privilege
- Separation of duties
- Job rotation
[edit] 3.2 Explain common access control models and the differences between each
- MAC
- DAC
- Role & Rule based access control
[edit] 3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges
[edit] 3.4 Apply appropriate security controls to file and print resources
[edit] 3.5 Compare and implement logical access control methods
- ACL
- Group policies
- Password policy
- Domain password policy
|
- User names and passwords
- Time of day restrictions
- Account expiration
- Logical tokens
|
[edit] 3.6 Summarize the various authentication models and identify the components of each
- One, two and three-factor authentication
- Single sign-on
[edit] 3.7 Deploy various authentication models and identify the components of each
- Biometric reader
- RADIUS (Remote Authentication Dial In User Service)
- RAS (Remote Access Services)
- LDAP (Lightweight Directory Access Protocol)
- Remote access policies
- Remote authentication
- VPN (Virtual Private Network)
|
- Kerberos
- CHAP (Challenge-Handshake Authentication Protocol)
- PAP (Push Access Protocol)
- Mutual
- 802.1x
- TACACS (Terminal Access Controller Access-Control System)
|
[edit] 3.8 Explain the difference between identification and authentication (identity proofing)
[edit] 3.9 Explain and apply physical access security methods
- Physical access logs/lists
- Hardware locks
- Physical access control -- ID badges
- Door access systems
|
- Man-trap
- Physical tokens
- Video surveillance -- camera types and positioning
|
Help
Add this page to your collection
Show collection (0 pages)
Suggest pages
This page may need to be 
