Security+ Certification/Access Control

3.1 Identify and apply industry best practices for access control methods

  • Implicit deny
  • Least privilege
  • Separation of duties
  • Job rotation

3.2 Explain common access control models and the differences between each

  • MAC
  • DAC
  • Role & Rule based access control

3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges

3.4 Apply appropriate security controls to file and print resources

3.5 Compare and implement logical access control methods

  • ACL
  • Group policies
  • Password policy
  • Domain password policy
  • User names and passwords
  • Time of day restrictions
  • Account expiration
  • Logical tokens

3.6 Summarize the various authentication models and identify the components of each

  • One, two and three-factor authentication
  • Single sign-on

3.7 Deploy various authentication models and identify the components of each

  • Biometric reader
  • RADIUS (Remote Authentication Dial In User Service)
  • RAS (Remote Access Services)
  • LDAP (Lightweight Directory Access Protocol)
  • Remote access policies
  • Remote authentication
  • VPN (Virtual Private Network)
  • Kerberos
  • CHAP (Challenge-Handshake Authentication Protocol)
  • PAP (Push Access Protocol)
  • Mutual
  • 802.1x
  • TACACS (Terminal Access Controller Access-Control System)

3.8 Explain the difference between identification and authentication (identity proofing)

3.9 Explain and apply physical access security methods

  • Physical access logs/lists
  • Hardware locks
  • Physical access control -- ID badges
  • Door access systems
  • Man-trap
  • Physical tokens
  • Video surveillance -- camera types and positioning
Last modified on 8 August 2009, at 18:42