In CISSP, Access Control consider 'Avaliability', 'Integrity' and "Confidenticiality'.
To archive these 3 area, it has "Identify", "Authentication", "Authorization" and "Accountability".
In the Authentication has 3 factors. Any 2 of 3 can be including in an authentication, it will consider as 'Storng Authentication'. They are,
1. something that the person know
2. something that the person has
3. something that specific for the person
Most of time, we uses 'Logical Access Control' to do these area. In CISSP, "Logical Access Control" is equal to "Technical Access Control".
In CISSP, identification management will consider on 6 areas. They are,
1. Directory management
2. Web access management
3. Priavcy single-sign on
4. Password management
5. Account management
6. Profile update
Subscribe to:
Post Comments (Atom)
XML Master Cert Group
|
| XML Master Certification |
| Visit this group |
No comments:
Post a Comment