Access Control Concepts Slides
Access Control Concepts Slides
Kevin Henry
CISM CISSP CCSP
[email protected]
CC℠ Certification Examination
Domains Weights
1. Security Principles 26%
2. Business Continuity (BC), Disaster Recovery 10%
(DR), & Incident Response
3. Access Control Concepts 22%
4. Network Security 24%
5. Security Operations 18%
Access Controls Concepts for the CC℠
Certification
Agenda:
Access
Relationships Subject Object
Asset
Determines Owner
Bypassed by collusion
- Job rotation
- Mandatory vacations
Identification
Password resets
Modification to permissions
Identification
What you:
- Know
- Have
- Are
What You Know
Employee ID badge
Token
Smartcard
Passport
What You Are
Biometrics
Behavioral
Physiological
Behavioral Biometrics
Fingerprint
Facial recognition
User concerns
-
Biometric -
-
Acceptance
Cost
Maintenance/registration
Node Authentication