Overview/Description
To introduce access control concepts and methodologies and explain how they're implemented and administered in a centralized or decentralized environment; to prepare candidates for one of the ten knowledge domains assessed in (ISC)2's CISSP certification exam
Target Audience
Mid-level and senior-level managers who are working toward or have already attained positions as CISOs, CSOs or Senior Security Engineers
Prerequisites
A minimum of four years of professional experience in the information security field or three years plus a college degree
CISSP: Access Control (replaced by course sp_cssp_a01_it_enus)
identify the types of access control technologies used in a networking environment.
identify knowledge-based and characteristics-based authentication technologies.
recognize how single sign-on systems (SSOs), one-time passwords (OTPs), and smart cards are used for authentication.
determine the appropriate type of authentication to implement in a given enterprise scenario.
recognize ways of securing passwords and identify different types of attack against passwords and password files.
select the appropriate access control model for a scenario.
determine the most appropriate access control model to implement in a given scenario.
recognize how different types of access control technique control access to resources, and distinguish between centralized and decentralized access control administration mechanisms.
identify information detection system (IDS) mechanisms and implementation methods, and recognize various intrusion detection and prevention techniques.