Download presentation
Presentation is loading. Please wait.
1
CompTIA Security+ Study Guide (SY0-501)
Chapter 4: Identity and Access Management
2
Chapter 4: Identity and Access Management
Given a scenario, use appropriate software tools to assess the security posture of an organization Given a scenario, troubleshoot common security issues Given a scenario, analyze and interpret output from security technologies Compare and contrast identity and access management concepts Given a scenario, install and configure identity and access services Given a scenario, implement identity and access management control
3
Tools to Assess Your Network
Protocol analyzers tcpdump Wireshark Network scanners Solar Winds LanHelper Wireless scanners and crackers Aircrack
4
Tools to Assess Your Network Continued
Password crackers pwdump Ophcrack Vulnerability scanners Nessus MBSA OWASP Zap
5
Command-Line Tools ping netstat tracert nslookup/dig arp
ipconfig/ip/ifconfig nmap netcat
6
Additional Tools General networking tools Honeypots
Steganography tools
7
Troubleshooting Common Security Issues
Access issues Configuration issues Digital certificate issues Personnel issues Other issues
8
Security Technologies
Intrusion detection systems Antimalware Firewalls and related devices Other systems
9
Identification vs. Authentication
Requires a human to intercede and verify that someone is who they say they are Authentication The user may not be who they are supposed to be, but they have indeed given the correct combination of values (such as username and password, tokens, or biometrics) and thus they are authenticated.
10
Authentication (single factor) and authorization
Single-factor authentication (SFA) Username and password Multifactor authentication Multifactor system Two-factor authentication system
11
Biometrics Federations
12
Potential Authentication and Access Problems
Transitive Access One party (A) trusts another party (B). If the second party (B) trusts another party (C), then a relationship can exist where the third party (C) is trusted by the first party (A).
13
LDAP PAP, SPAP, and CHAP Kerberos RADIUS
14
Chapter 4: Access Control, Authentication, and Authorization
TACACS/TACACS+/XTACACS This is a client-server-oriented environment, and it operates in a manner similar to how RADIUS operates. OATH One-time passwords SAML Security Assessment Markup Language
15
Access Control Five primary methods Mandatory access control (MAC)
All access predefined Discretionary access control (DAC) Incorporates some flexibility Role-based access control (RBAC) Allows the user’s role to dictate access capabilities Rule-based access control (RBAC) Limits user to preconfigured policies Attribute-based access control (ABAC) Considers all of the various attributes associated with the subject and object in making the access control decision
16
Smart cards Common access card (CAC)
Personal identification verification card (PIV)
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.