From Wikibooks, open books for an open world
3.1 Identify and apply industry best practices for access control methods
- Implicit deny
- Least privilege
- Separation of duties
- Job rotation
3.2 Explain common access control models and the differences between each
- MAC
- DAC
- Role & Rule based access control
3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges
3.4 Apply appropriate security controls to file and print resources
3.5 Compare and implement logical access control methods
- ACL
- Group policies
- Password policy
- Domain password policy
- User names and passwords
- Time of day restrictions
- Account expiration
- Logical tokens
3.6 Summarize the various authentication models and identify the components of each
- One, two and three-factor authentication
- Single sign-on
3.7 Deploy various authentication models and identify the components of each
- Biometric reader
- RADIUS (Remote Authentication Dial In User Service)
- RAS (Remote Access Services)
- LDAP (Lightweight Directory Access Protocol)
- Remote access policies
- Remote authentication
- VPN (Virtual Private Network)
- Kerberos
- CHAP (Challenge-Handshake Authentication Protocol)
- PAP (Push Access Protocol)
- Mutual
- 802.1x
- TACACS (Terminal Access Controller Access-Control System)
3.8 Explain the difference between identification and authentication (identity proofing)
- Physical access logs/lists
- Hardware locks
- Physical access control -- ID badges
- Door access systems
- Man-trap
- Physical tokens
- Video surveillance -- camera types and positioning