SSCP Domain: Access Controls

Overview/Description
With the increasing growth of the Internet and networks in general being used for business, security is an important issue. A key aspect of business security is controlling which users have access to what resources, and which operations they can perform. The mechanism for controlling these aspects is Access Control. This courses examines how to determine appropriate access controls, architecture models, authentication techniques and access methods. It explains access control systems, their differences and implementations and how they protect services and data. This course also demonstrates attack methods used to bypass access control systems and describes account management procedures and key access control concepts. The course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC)2 for its Systems Security Certified Practitioner (SSCP) certification. The SSCP credential certifies student expertise in 7 different knowledge domains.

Target Audience
Experienced IT professionals with a basic knowledge of network and communications protocols and equipment seeking to pass the System Security Certified Practitioner (SSCP) exam, or otherwise gain knowledge in assessing, planning, implementing and managing IT security in an enterprise environment. A minimum of one year's professional experience in one of the seven SSCP CBK Domains is required for certification.

Expected Duration (hours)
2.5

Lesson Objectives

SSCP Domain: Access Controls

identify the most appropriate access controls for particular situations

recognize the considerations for access control subjects and access control objects

select appropriate access control architecture models for particular situations

recognize access control architecture models

determine the most appropriate access controls to use in a particular scenario

determine the most appropriate access control architecture model to use in a particular scenario

describe knowledge and ownership based authentication methods

describe the components of an identity management solution

describe characteristics-based authentication methods

describe multifactor authentication methods

recognize the advantages of single sign-on systems (SSOs) for authentication

describe how Kerberos is used for authentication

select the most appropriate access control methodology to use in a particular situation

rank portable devices according to the amount of data they can remove from a network

describe security risks and mitigation techniques for virtual platforms

describe the phases of a cloud computing data cycle

determine the most appropriate authentication technique to use in a particular scenario

determine the most appropriate access method to implement in a particular scenario