Welcome to Access Controls!
The Access Controls course covers how to specify what users are permitted to do, the resources they are allowed to access, and the operations they are able to perform on a system. Access controls help managers limit and monitor system use at the user level, and are usually predefined based on authority level or group membership. You will understand the different access control systems and how they should be implemented to protect the system and data using the different levels of confidentiality, integrity, and availability.
Objectives
1. Describe how to implement authentication mechanisms
2. Identify and operate internetwork trust architectures
3. Describe the process of administering the identity management life cycle
4. Implement the different types of access controls (subject/object based)
Overview
Syllabus
- Implement Authentication Mechanisms
- Module Topics: Single Factor/Multifactor Authentication, Biometrics. In Single Factor/Multifactor Authentication, you will learn about identity, methods, registration of new users, periodic review of access levels, clearance, authentication, knowledge, password reset, mass lockouts, ownership, and characteristics. In Biometrics, you will learn about biometrics, behavioral biometrics, physiological biometrics, biometric implementation issues, biometric accuracy, physiological use as identification, the Next Generation Identification (NGI) database, the Department of Defense (DoD) Electronic Biometric Transmission Specification (EBTS), and biometric standards development.
- Implement Authentication Mechanisms
- Module Topics: Tokens, Single Sign-On, Offline and Device Authentication. In Tokens, you will learn about uses of token information, time-synchronized one-time passwords, mathematical-algorithm-based one-time passwords, physical types, disconnected tokens, connected tokens, contactless tokens, Bluetooth and mobile device tokens, smart cards, types of smart card technology, smart card applications, multifactor authentication, two-factor vs. three-factor authentication, dual control, continuous authentication, periodic authentication, time outs, reverse authentication, certificate-based authentication, authorization, access to systems vs. data, network, access control lists/matrix, and directories. In Single Sign-On, you will learn about SSO risks, SSO implementation: Kerberos, Kerberos applications, Kerberos process, Kerberos considerations, Kerberos tools, Klist purge, Server 2012/(R2) and Windows 8/8.1 features, and network ports used during Kerberos authentication. In Offline and Device Authentication, you will learn about types of authentication.
- Operate Internetwork Trust Architectures
- Module Topics: Comparing Internetwork Architectures, One-way Trust, Two-way Trust, and Transitive Trust. In Comparing Internetwork Architectures, you will learn about typical DMZ design and trust path. In Trust, you will learn about one-way trust, two-way trust, and transitive trust.
- Administer Identity Management Life Cycle
- Module Topics: Identity Management, Authorization, Proofing, Provisioning, Maintenance, and Entitlement. In Identity Management, you will learn about the identity management cycle. You will also learn about authorization, proofing, provisioning, and maintenance. In Entitlement, you will learn about entities and entitlement defined.
- Implement Access Controls
- Module Topics: Mandatory Access Control (MAC), Non-Discretionary Access Control, Discretionary Access Control (DAC), Role-Based Access Control (RBAC), Content Dependent, Context-Based, Temporal Isolation (Time Based), Attribute-Based, Separation of Duties, Security Architecture and Models. You will learn about Mandatory Access Control (MAC) and Non-Discretionary Access Control. In Discretionary Access Control (DAC), you will learn about Rule Set-Based Access Controls (RSBAC) and RSBAC GFAC logic for data access requests. In Role-Based Access Control (RBAC), you will learn about role hierarchies, constrained user interface (CUI), types of restricted interfaces, view-based access control (VBAC), and VBAC examples. You will also learn about Content-Dependent Access Control (CDAC) and Temporal Isolation (Time-Based) Access Control. In Attribute-Based Access Control (ABAC), you will learn about key terms. In Security Architecture and Models, you will learn about the Bell-LaPadula confidentiality model, the Biba integrity model, BLP and Biba model comparison, the Clark-Wilson integrity model, and additional models.
- Case Study
- This assignment is based on a case study that requires the student to put into practice the knowledge gained through the course. It requires a basic understanding of the topics and the ability to relate those topics to the real world. The objective of the review is to determine whether the student has understood the concepts and has performed the necessary analysis to ensure a complete and thorough answer.
- Exam
Taught by
(ISC)² Education & Training