5.0 Access Control and Identity Management


5.1 Explain the function and purpose of authentication services

  • RADIUS
  • TACACS
  • TACACS+
  • Kerberos
  • LDAP
  • XTACACS

5.2 Explain the fundamental concepts and best practices related to authentication, authorization and access control

  • Identification vs. authentication
  • Authentication (single factor) and authorization
  • Multifactor authentication
  • Biometrics
  • Tokens
  • Common access card
  • Personal identification verification card
  • Smart card
  • Least privilege
  • Separation of duties
  • Single sign on
  • ACLs
  • Access control
  • Mandatory access control
  • Discretionary access control
  • Role/rule-based access control
  • Implicit deny
  • Time of day restrictions
  • Trusted OS
  • Mandatory vacations
  • Job rotation

5.3 Implement appropriate security controls when performing account management

  • Mitigates issues associated with users with multiple accounts/roles
  • Account policy enforcement
    • Password complexity
    • Expiration
    • Recovery
    • Length
    • Disablement
    • Lockout
  • Group based privileges
  • User assigned privileges
