< All CompTIA Security+ Notes

tsirhCdneM | CompTIA Security+ | Module 5

By: Raul Pop | Related Course: CompTIA Security+ | Published: May 31, 2017 | Modified: June 1, 2017
Join Cybrary

NotepadAAC

-Common Access Card

-Personal identification verification card

-Smart Card

-Least Privilege

-Separation of duties

-Single Sign On

-Job rotation

-Mandatory vacations

-Time of day restrictions

-Implicit deny

-Access Controls lists

-Access control

-Mandatory Access Control

-Discretionary Access Control

-Rule based Access Control

-Role based Access Control


NotepadAccess Controls

Access Controls:

-Identification

-Authentification

-Authorization

-Access Control Lists(ACLs)

 

Access Control Models based on security labels:

Mandatory Access-security labels

Discretionary Access-owner’s discretion

Rule base-set of rules

Role base-what role do you play

                                             

Time of day Restriction

 


NotepadAuthentication Services

Radius-Remote Authentication Dial in User System:

-allow for authenticating Remote users;

-often used in dial up user connections and enterprise grade wireless authentication

 

TACAS+=> Support Multi factor authentication

KERBEROS =>Authentication standard:

-RDC

-TAS

-Tickets

LDAP=> Light weight Directory Access Protocol

 


NotepadAuthentication/Authorization and Access

-Identification-user id/e-mail address

-Authentication

 

Authentication factors=>

Some thing you know:PIN/Password/Passphares

Something you have:Tokens

Some thing you are:Biometrics

Somewhere you are:

Something you do:Signature dynamics->Pressure,Speed

                                  :Keyboard dynamics->Flight Time,dwell time

 

Single Factor

-Multi factor

-Strong factor

-Authorization


NotepadBest Practices for Account

-Multiple accounts

-Multiple Roles

-Shared accounts

 

Account Policy Enforcement

-Credential management

-Group policy

-Password Complexity

-Password Expiration

-Recovery

-Disable password

-Lockout policy

-Lockout threshold(3-5)

-Lockout duration

-Password history

-Password reuse

-Password length(6 to 8 minimum)

-Group privileges

-User assigned privileges

-User access reviews

-Continuous monitoring


NotepadImplementing Appropriate Security

-Mitigate issues associated with users with multiple accounts/roles

-Account policy enforcement

-Password complexity

-Expiration

-Recovery

-Length

-Disablement

-Lockout

-Lockout thresh hold

-Lockout duration

-User assigned Privileges

-Group assigned Privileges


< All CompTIA Security+ Notes
Join Cybrary

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel