CISSP 2012 Domain: Access Control





Overview/Description
This course focuses on the need for access control mechanisms to secure an organization's network and minimize its vulnerability to attacks or intrusion. It covers various access control models, techniques, mechanisms, and methodologies. You will learn about the latest in authentication strategies and intrusion detection and prevention techniques. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC2) for its Certified Information Systems Security Professional (CISSP) certification. The CISSP credential certifies student expertise in ten different knowledge domains.

Target Audience
Mid- and senior-level managers who are working toward or have already attained positions as CISOs, CSOs, or Senior Security Engineers

Expected Duration (hours)
2.0

Lesson Objectives

CISSP 2012 Domain: Access Control

  • identify the types of access control technologies used in a networking environment
  • identify critical activities related to information classification
  • identify knowledge-based authentication technologies
  • identify characteristics-based authentication technologies
  • recognize how single sign-on systems (SSOs) are used for authentication
  • recognize how one-time passwords (OTPs) and smart cards are used for authentication
  • recognize ways of securing passwords
  • identify different types of attack against passwords and password files
  • determine the appropriate type of authentication to implement in a given enterprise scenario
  • evaluate given passwords
  • recognize appropriate access control models given a scenario
  • identify the features of the DAC and MAC access control models
  • recognize how different types of access control technique control access to resources
  • identify the advantages and disadvantages of centralized and decentralized identity management systems
  • identify intrusion detection system (IDS) mechanisms and implementation methods
  • identify intrusion detection and prevention techniques
  • determine the most appropriate access control model to implement in a given scenario
  • recognize access control and intrusion detection techniques

Course Number
sp_cpte_a01_it_enus