Security+ Certification/Access Control and Identity Management

From Wikibooks, open books for an open world

Access Control and Identity Management

Explain the function and purpose of authentication services

Explain the fundamental concepts and best practices related to authentication, authorization and access control

  • Identification vs. authentication
  • Authentication (single factor) and authorization
  • Multifactor authentication
  • Biometrics
  • Tokens
  • Common access card
  • Personal identification verification card
  • Smart card
  • Least privilege
  • Separation of duties
  • Single sign-on
  • ACLs
  • Access control
  • Mandatory access control
  • Discretionary access control
  • Role/rule-based access control
  • Implicit deny
  • Time of day restrictions
  • Trusted OS
  • Mandatory vacations
  • Job rotation

Implement appropriate security controls when performing account management

  • Mitigate issues associated with users with multiple accounts/roles
  • Account policy enforcement
    • Password complexity
    • Expiration
    • Recovery
    • Length
    • Disablement
    • Lockout
  • Group based privileges
  • User assigned privileges