Video description
Access Control
Shon Harris
The fast, powerful way to prepare for your CompTIA Security+
exam!
Get all the hands-on training you need to pass (ISC)²’s tough
SSCP exam, get certified, and move forward in your IT security
career! In this online video, the world’s #1 information security
trainer walks you through every skill and concept you’ll need to
master. This online video contains over six hours of training
adapted from Shon Harris’s legendary five-day SSCP boot
camps–including realistic labs, scenarios, case studies, and
animations designed to build and test your knowledge in real-world
settings!
Comprehensive coverage of CompTIA Security+ domains of
knowledge:
- Access Control Characters
- Fraud Controls
- Access Control Matrix
- Remote Authentication
- Wireless Proximity Devices
- Alarm Systems
About the Shon Harris Security Series
This online video is part of a complete library of books,
online services, and videos designed to help security professionals
enhance their skills and prepare for their certification exams.
Every product in this series reflects Shon Harris’s unsurpassed
experience in teaching IT security professionals.
Category: Security
System Requirements
OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4
(Tiger) or later
MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card
with speakers
COMPUTER: 500MHz or higher CPU; 128MB RAM or more
Table of Contents
Course Introduction
00:06:59
Domain 3 - Access Control
00:00:08
Access Control
00:00:43
Definitions
00:01:05
Access Control Mechanism Examples
00:01:03
Technical Controls
00:00:54
Access Control Characteristics
00:03:25
Preventive Controls
00:00:56
Preventive - Administrative Controls
00:01:15
Fake Login Pages Look Convincing
00:01:05
Detective - Administrative Control
00:02:08
Detective Examples
00:00:48
Administrating Access Control
00:01:25
OS, Application, Database
00:00:36
Administrating Access Control
00:01:00
Authorization Creep
00:00:59
Accountability and Access Control
00:01:26
Trusted Path
00:03:00
Fake Login Pages Look Convincing
00:01:44
Who Are You?
00:02:08
Identification Issues
00:00:48
Authentication Mechanisms Characteristics
00:00:44
Strong Authentication
00:02:01
Fraud Controls
00:02:40
Internal Control Tool: Separation of Duties
00:01:14
Authentication Mechanisms in Use Today
00:00:24
Biometrics Technology
00:01:05
Biometric Devices
00:00:27
Example
00:01:12
Verification Steps
00:01:33
Why Use Biometrics?
00:00:38
Biometric Type
00:01:44
Iris Sampling
00:00:40
Finger Scan
00:00:58
Hand Geometry
00:00:39
Facial Recognition
00:01:44
Comparison
00:00:52
Biometrics Verification
00:00:40
Issues
00:01:02
Biometrics Error Types
00:01:59
Crossover Error Rate
00:01:45
Biometric System Types
00:02:52
Passwords
00:00:40
Password Generators
00:00:55
Password Shoulds
00:03:31
Password Attacks
00:01:05
Attack Steps
00:02:50
Many Tools to Break Your Password
00:00:53
Rainbow Table
00:01:27
Passwords Should NOT Contain
00:01:26
Countermeasures for Password Cracking
00:01:06
Cognitive Passwords
00:00:47
One-Time Password Authentication
00:01:36
Synchronous Token
00:01:02
One Type of Solution
00:02:34
Synchronous Steps
00:00:48
Challenge Response Authentication
00:04:17
Asynchronous Token Device
00:00:35
Asynchronous Steps
00:02:52
Challenge Response Authentication
00:01:05
Passphrase Authentication
00:01:30
Key Protection
00:02:15
Smart Card
00:00:56
Characteristics
00:01:09
Card Types
00:00:50
Smart Card Attacks
00:01:34
Software Attack
00:01:02
Side Channel Attack
00:01:18
Side Channel Data Collection
00:00:50
Microprobing
00:00:53
Identity Management
00:02:19
How Are These Entities Controlled?
00:00:55
Some Current Issues
00:01:22
Management
00:03:01
Typical Chaos
00:00:49
Different Identities
00:01:45
Identity Management Technologies
00:00:48
Directory Component
00:01:17
Enterprise Directory
00:00:48
Directory Responsibilities
00:01:03
Authoritative Sources
00:01:47
Meta Directory
00:02:26
Directory Interactions
00:01:46
Web Access Management
00:01:27
Web Access
00:05:09
Password Management
00:02:21
Legacy Single Sign-On
00:02:47
Account Management Systems
00:02:23
Provisioning Component
00:01:56
Provisioning
00:01:59
Not Just Computers
00:00:46
Profile Update
00:01:29
Working Together
00:03:28
Enterprise Directory
00:01:00
Identity Management Solution Components
00:00:36
Right for Your Company
00:02:17
Federated Identity
00:02:59
Different Technologies
00:00:56
Single Sign-on Technology
00:00:30
Single Sign-on
00:01:50
Directory Services as a Single Sign-on Technology
00:01:04
Active Directory
00:00:57
Security Domain
00:01:27
Domains of Trust
00:00:34
Domain Illustration
00:00:29
Thin Clients
00:00:59
Example
00:01:13
Kerberos as a Single Sign-on Technology
00:00:52
Kerberos Components Working Together
00:01:48
Pieces and Parts
00:00:13
More Components of Kerberos
00:00:32
KDC Components
00:00:40
Kerberos Steps
00:09:08
Tickets
00:02:00
Steps of Validation
00:01:16
Kerberos Security
00:01:30
Issues Pertaining to Kerberos
00:01:25
Kerberos Issues
00:01:31
SESAME as a Single Sign-on Technology
00:00:38
SESAME Steps for Authentication
00:02:18
Combo
00:01:22
Models for Access
00:00:54
Access Control Models
00:00:14
Discretionary Access Control Model
00:00:46
ACL Access
00:02:08
Enforcing a DAC Policy
00:00:52
Security Issues
00:01:20
Mandatory Access Control Model
00:01:50
MAC Enforcement Mechanism - Labels
00:02:06
Formal Model
00:00:57
Software and Hardware
00:00:58
Software and Hardware Guards
00:01:09
Where Are They Used?
00:00:44
SELinux
00:00:31
MAC versus DAC
00:01:14
Role-Based Access Control
00:01:14
RBAC Hierarchy
00:01:44
RBAC and SoD
00:00:46
Acquiring Rights and Permissions
00:00:47
Rule-Based Access Control
00:02:30
Access Control Matrix
00:01:37
Capability Tables
00:00:34
Temporal Access Control
00:00:54
Access Control Administration
00:00:43
Access Control Methods
00:00:36
Centralized Approach
00:00:54
Remote Centralized Administration
00:01:35
RADIUS
00:00:39
RADIUS Steps
00:00:55
RADIUS Characteristics
00:01:17
TACACS+ Characteristics
00:01:36
Diameter Characteristics
00:02:27
Diameter Protocol
00:01:01
Mobile IP
00:01:36
Diameter Architecture
00:01:41
Two Pieces
00:01:09
AVP
00:03:46
Decentralized Access Control Administration
00:01:45
Controlling Access to Sensitive Data
00:02:01
Protecting Access to System Logs
00:02:05
Accountability = Auditing Events
00:00:44
Agenda 2
00:02:19
IDS Steps
00:01:26
Network IDS Sensors
00:02:00
Host IDS
00:01:31
Combination
00:01:38
Types of IDSs
00:02:32
Signature-Based Example
00:02:29
Behavior-Based IDS
00:03:32
Statistical Anomaly
00:01:05
Statistical IDS
00:00:45
Protocol Anomaly
00:01:45
What Is a Protocol Anomaly?
00:01:30
Protocol Anomaly Issues
00:00:48
Traffic Anomaly
00:03:47
IDS Response Mechanisms
00:01:10
Responses to Attacks
00:01:37
IDS Issues
00:01:55
Intrusion Prevention System
00:02:19
Differences
00:00:24
Vulnerable IDS
00:00:47
Trapping an Intruder
00:01:43
Controlling Remote Access
00:10:39
Remote Authentication
00:02:14
Mutual Authentication
00:02:47
Without Mutual Authentication
00:02:23
Group Policies
00:01:55
File and Print Resources
00:02:15
File and Print Resources - Protection
00:02:07
Physical Access Security
00:00:48
Different Types of Threats
00:00:42
Wake Up Call
00:00:35
Not Just Hacking
00:00:37
Number One Priority
00:01:19
Physical Security Program Goals
00:01:41
Planning Process
00:01:35
Risk Assessment Needs to be Carried Out
00:01:04
Deterrence Options
00:01:06
Delay
00:00:19
Layered Defense Model
00:00:49
Detection
00:01:04
Weak Link in the Chain
00:00:41
Agenda 1
00:01:20
Crime Prevention through Environmental Design
00:02:14
CPTED Main Strategies
00:00:39
Target Hardening
00:00:42
Access Barriers
00:02:11
Facility Construction
00:00:49
Construction Materials
00:00:43
Rebar Encased in Concrete
00:00:24
Data Center
00:01:04
Designing a Secure Site
00:01:24
Door Types
00:01:51
Window Types
00:01:13
Sensitive Areas
00:01:00
Security Zones
00:00:16
Various Sensors
00:00:14
Lock Types
00:01:47
Entry Access Control
00:01:53
Wireless Proximity Devices
00:00:49
Device Types
00:00:42
Piggybacking
00:00:49
Entrance Protection
00:01:19
Door Configurations
00:00:32
External Boundary Protection
00:02:54
Fencing Characteristics
00:00:42
Fencing Issues
00:00:50
Gates
00:01:40
Lighting Issues
00:01:09
Perimeter Security - Security Guards
00:00:42
Guard Tasks
00:01:03
Security Guards
00:01:57
CCTV
00:04:27
Agenda 2
00:01:00
Intrusion Detection Characteristics
00:01:04
Electro-Mechanical Sensors
00:01:12
Volumetric Sensors
00:02:07
Alarm Systems
00:00:45
Securing Mobile Devices
00:02:08
Agenda 3
00:00:27
HVAC Attributes
00:01:38
Environmental Considerations
00:01:01
Who’s Got Gas?
00:01:04
Documentation of Procedures
00:06:30
Power Preventive Measures
00:01:46
Device Protection
00:01:14
Agenda 4
00:01:25
Automatic Detector Mechanisms
00:02:18
Fire Detection
00:01:34
Fire Types
00:02:56
Emergency Power Off Switch
00:01:09
Fire Suppression Systems
00:04:24
Fire Extinguishers
00:00:47
Emergency Procedures
00:01:41
Domain 3 Review
00:00:46