Thursday, December 23, 2010

CompTIA Security+ Exam Objectives 3.1

Access Control
3.1 Access Control Methods

Section 3.1 of the Security+ test focuses on industry access control methods that should be put in place to protect against fraud, network errors, communication failure, and so on. Each of these methods is put in place to minimize the possibility of something going wrong within a company’s infrastructure or personnel.

  • Implicit deny – Implicit deny means that unless something, such as traffic on a network, is explicitly allowed, it is denied. It isn’t used to deny all traffic, but to deny all traffic that isn’t explicitly granted or allowed.
  • Least privilege – The idea behind least privilege is that processes or individuals should be given the rights necessary to perform their assigned tasks or functions, but no more. Least privilege mostly focuses on rights and actions.
  • Separation of duties – Separation of duties is usually put in place to ensure that no one person or entity is able to control all of the functions of a specific critical process. The purpose is to split these duties between two or more people or entities. This protects against fraud, errors, theft, and so on.
  • Job rotation – To many people, job rotation is nothing more than a matter of personal and managerial gain. However, in the security world, job rotation can help a company protect against errors, fraud, and theft. If one person is left in one job for years and years, it can be easy for that person to slowly but surely implement a method of theft.

Industry access control has become a more serious matter in the working world today. More and more companies are realizing the importance of these methods to ensure that their personnel are working as they are expected to. Since companies are becoming more technical, practices such as least privilege and implicit deny are extremely important. This way, company servers and networks are protected against rogue users and hackers as well as personnel who are seeking to exploit access controls.
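
To make implicit deny and least privilege concrete, here is a small rule evaluator. It is an added example and not part of the original post. The `Rule` fields, the function names and the sample policy are all assumptions made up for illustration. The policy contains only allow rules, so anything it does not match falls through to the implicit deny, and `overly_broad` flags any allow-everything rule that would cancel that default.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src: str              # source network, CIDR notation
    dst: str              # destination network, CIDR notation
    proto: str            # "tcp", "udp" or "any"
    port: Optional[int]   # destination port, None means any port

def matches(rule, src_ip, dst_ip, proto, port):
    """True when the packet falls inside every field of the rule."""
    return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", proto)
            and rule.port in (None, port))

def evaluate(rules, src_ip, dst_ip, proto, port):
    """First matching rule wins; if nothing matches, the answer is deny."""
    for number, rule in enumerate(rules, 1):
        if matches(rule, src_ip, dst_ip, proto, port):
            return rule.action, f"rule {number}"
    return "deny", "implicit deny"

def overly_broad(rules):
    """Numbers of allow rules that match all traffic and so defeat implicit deny."""
    return [number for number, r in enumerate(rules, 1)
            if r.action == "allow" and r.proto == "any" and r.port is None
            and ipaddress.ip_network(r.src).prefixlen == 0
            and ipaddress.ip_network(r.dst).prefixlen == 0]

# Constructed sample policy (documentation and private address ranges).
# Least privilege: each rule grants one service to the smallest group that needs it.
POLICY = [
    Rule("allow", "10.0.0.0/8", "192.0.2.10/32", "tcp", 443),   # staff to web app
    Rule("allow", "10.1.5.0/24", "192.0.2.20/32", "tcp", 22),   # admins to SSH host
]

if __name__ == "__main__":
    for packet in [("10.2.3.4", "192.0.2.10", "tcp", 443),
                   ("10.2.3.4", "192.0.2.20", "tcp", 22),
                   ("203.0.113.7", "192.0.2.10", "tcp", 443)]:
        print(packet, "->", evaluate(POLICY, *packet))
    print("allow-all rules:", overly_broad(POLICY))
```

Notice that the second packet comes from inside the company but is still dropped, because no rule grants that user SSH access.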