Monday, August 18, 2008

CISSP Day 1: Access Control

In CISSP, Access Control consider 'Avaliability', 'Integrity' and "Confidenticiality'.

To archive these 3 area, it has "Identify", "Authentication", "Authorization" and "Accountability".

In the Authentication has 3 factors.  Any 2 of 3 can be including in an authentication, it will consider as 'Storng Authentication'.  They are,

1. something that the person know
2. something that the person has
3. something that specific for the person

Most of time, we uses 'Logical Access Control' to do these area.  In CISSP, "Logical Access Control" is equal to "Technical Access Control".

In CISSP, identification management will consider on 6 areas.  They are,

1. Directory management
2. Web access management
3. Priavcy single-sign on
4. Password management
5. Account management
6. Profile update

No comments:

XML Master Cert Group

Google Groups
XML Master Certification
Visit this group