Last modified on 8 August 2009, at 18:42

Security+ Certification/Access Control

3.1 Identify and apply industry best practices for access control methodsEdit

  • Implicit deny
  • Least privilege
  • Separation of duties
  • Job rotation

3.2 Explain common access control models and the differences between eachEdit

  • MAC
  • DAC
  • Role & Rule based access control

3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privilegesEdit

3.4 Apply appropriate security controls to file and print resourcesEdit

3.5 Compare and implement logical access control methodsEdit

  • ACL
  • Group policies
  • Password policy
  • Domain password policy
  • User names and passwords
  • Time of day restrictions
  • Account expiration
  • Logical tokens

3.6 Summarize the various authentication models and identify the components of eachEdit

  • One, two and three-factor authentication
  • Single sign-on

3.7 Deploy various authentication models and identify the components of eachEdit

  • Biometric reader
  • RADIUS (Remote Authentication Dial In User Service)
  • RAS (Remote Access Services)
  • LDAP (Lightweight Directory Access Protocol)
  • Remote access policies
  • Remote authentication
  • VPN (Virtual Private Network)
  • Kerberos
  • CHAP (Challenge-Handshake Authentication Protocol)
  • PAP (Push Access Protocol)
  • Mutual
  • 802.1x
  • TACACS (Terminal Access Controller Access-Control System)

3.8 Explain the difference between identification and authentication (identity proofing)Edit

3.9 Explain and apply physical access security methodsEdit

  • Physical access logs/lists
  • Hardware locks
  • Physical access control -- ID badges
  • Door access systems
  • Man-trap
  • Physical tokens
  • Video surveillance -- camera types and positioning