Presentation is loading. Please wait.

Presentation is loading. Please wait.

CompTIA Security+ Study Guide (SY0-401)

Published byClaribel Powers Modified over 6 years ago

Similar presentations

Presentation on theme: "CompTIA Security+ Study Guide (SY0-401)"— Presentation transcript:

1 CompTIA Security+ Study Guide (SY0-401)
Chapter 4: Access Control, Authentication, and Authorization

2 Chapter 4: Access Control, Authentication, and Authorization
Given a scenario, use secure network administration principles. Explain network design elements and components. Compare and contrast the function and purpose of authentication services. Given a scenario, select the appropriate authentication, authorization, or access control. Install and configure security controls when performing account management, based on best practices.

3 Identification vs. Authentication
requires a human to intercede and verify that someone is who they say they are Authentication the user may not be who they are supposed to be, but they have indeed given the correct combination of values (such as username and password, tokens, or biometrics) and thus they are authenticated.

4 Chapter 4: Access Control, Authentication, and Authorization
Authentication (Single Factor) and Authorization single factor authentication (SFA) username and password Multifactor Authentication multifactor system two-factor authentication system

5 Chapter 4: Access Control, Authentication, and Authorization
Layered Security and Defense in Depth Network Access Control Tokens contain the rights and access privileges of the token bearer as part of the token. Federations

6 Potential Authentication and Access Problems
Transitive Access transitive access, one party (A) trusts another party (B). If the second party (B) trusts another party (C), then a relationship can exist where the third party (C) is trusted by the first party (A). Authentication Issues to Consider Authentication Protocols Account Policy Enforcement

7 Chapter 4: Access Control, Authentication, and Authorization
Point-to-Point Protocol (PPP) Tunneling protocols Point-to-Point Tunneling Protocol (PPTP) Radius a mechanism that allows authentication of remote and other network connections.

8 Chapter 4: Access Control, Authentication, and Authorization
TACACS/TACACS+/XTACACS is a client-server-oriented environment, and it operates in a manner similar to how RADIUS operates. VLAN Management allows you to create groups of users and systems and segment them on the network. SAML Security Assessment Markup Language

9 Understanding Authentication Services
Lightweight Directory Access Protocol (LDAP) is a standardized directory access protocol that allows queries to be made of directories (specifically, pared-down X.500-based directories). Kerberos is an authentication protocol named after the mythical three-headed dog that stood at the gates of Hades. Single Sign-On Initiatives (SSO) give users access to all the applications and systems they need when they log on.

10 Access Control Four Primary Methods: Mandatory Access Control (MAC)
All access is predefined. Discretionary Access Control (DAC) Incorporates some flexibility. Role-Based Access Control (RBAC) Allows the user’s role to dictate access capabilities. Rule-Based Access Control (RBAC) Limits user to preconfigured policies

11 Implementing Best Practices
Least Privileges Separation of Duties Time of Day Restrictions User Access Review Smart Cards Common Access Card (CAC) Personal Identification Verification Card (PIV)

12 Access Control Lists Implicit Deny Firewall Rules
Access control lists (ACLs) enable devices in your network to ignore requests from specified users or systems or to grant them certain network capabilities. Approaches to ACLs: Implicit Deny Firewall Rules Block the connection Allow the connection. Allow the connection only if it is secured.

13 Port Security Working with 802.1X Flood Guards and Loop Protection Preventing Network Bridging Log Analysis

14 Trusted operating system (TOS)
is any operating system that meets the government’s requirements for security. Secure Router Configuration Change the Default Password. Walk through the Advanced Settings. Keep the Firmware Upgraded.

Download ppt "CompTIA Security+ Study Guide (SY0-401)"

Similar presentations

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
Access Control Chapter 3 Part 3 Pages 209 to 227.

Access Control Chapter 3 Part 3 Pages 209 to 227.
Access Control Methodologies

Access Control Methodologies
Security+ Guide to Network Security Fundamentals, Fourth Edition

Security+ Guide to Network Security Fundamentals, Fourth Edition
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
Chapter 4 Chapter 4: Planning the Active Directory and Security.

Chapter 4 Chapter 4: Planning the Active Directory and Security.
Access Control Dr.Talal Alkharobi.

Access Control Dr.Talal Alkharobi.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Physical and Hardware Security Chapter 15 Networking Essentials Spring, 2013.

Physical and Hardware Security Chapter 15 Networking Essentials Spring, 2013.
2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.
Lecture 7 Access Control

Lecture 7 Access Control
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.

Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo
Chapter 8 Hardening Your SQL Server Instance. Hardening  Hardening The process of making your SQL Server Instance more secure  New features Policy based.

Chapter 8 Hardening Your SQL Server Instance. Hardening  Hardening The process of making your SQL Server Instance more secure  New features Policy based.
Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

Similar presentations

Ads by Google