CISSPEssentials:MasteringtheCommonBodyofKnowledgeClass2:AccesscontrolLecturerShonHarris,CISSP,MCSEPresident,LogicalSecurityCISSPEssentialsLibrary:www.searchsecurity.com/CISSPessentialsClass2Quiz:www.searchsecurity.com/Class2quizClass2Spotlight:www.searchsecurity.com/Class2spotlightCISSPEssentials:MasteringtheCommonBodyofKnowledgeAccesscontroldomainobjectives�Accesscontroltypesandcharacteristics�Identification,authenticationandauthorizationmethods�Accesscontrolmodelsandtechniques�Singlesign-ontechnologiesandcharacteristics�Centralizedanddecentralizedadministration�Intrusion-detectionsystemsAccesscontrolmechanismexamplesPhysical•Locks•RemovaloffloppyandCD-ROMdrives•Securityguardscontrollingaccesstofacilityandequipment•ComputerchassislocksTechnical(logical)•Encryption•Passwordsandtokens•Biometrics•Operatingsystemandapplicationcontrols•IdentificationandauthorizationtechnologiesAdministrative•Policiesandprocedures•Securityawarenesstraining•QualityassuranceAccesscontrolcharacteristicsProvidealternativestoothercontrolsCompensationRestoreresourcesandcapabilitiesafteraviolationoraccidentRecoveryDiscouragesecurityviolationsfromtakingplaceDeterrentCorrectundesirableeventsthathavetakenplaceCorrectiveIdentifyundesirableeventsthathavetakenplaceDetectiveKeepundesirableeventsfromhappeningPreventativeDescriptionControlServiceControlcombinationsHumanevaluationofoutputfromsensorsorcamerasMotiondetectors,intrusiondetection,videocamerasGuardrespondingtoalarmDetective–PhysicalIDSReviewingauditlogsReviewingviolationsofclippinglevelsForensicsDetective–TechnicalJobrotationSharingresponsibilitiesInspectionsIncidentresponseUseofauditorsDetective–AdministrativeAuthenticationmechanisms’characteristicsVerifyingidentificationinformation•Somethingyouknow•Password•Somethingyouhave•Smartcard•Somethingyouare•Biometrics(example=voiceprint)AccesscontrolmechanismsinusetodayPrivatekeyCryptographickeysCreditcard,identificationcardSmartcardsATMcard,proximitycardMemorycardsSyn...
