Video description
Access Controls
Shon Harris
The fast, powerful way to prepare for your SSCP exam!
Get all the hands-on training you need to pass (ISC)²’s tough
SSCP exam, get certified, and move forward in your IT security
career! In this online video, the world’s #1 information security
trainer walks you through every skill and concept you’ll need to
master. This online video contains over four and a half hours of
training adapted from Shon Harris’s legendary five-day SSCP boot
camps–including realistic labs, scenarios, case studies, and
animations designed to build and test your knowledge in real-world
settings!
Comprehensive coverage of SSCP domains of knowledge:
• Access controls
• Administrative Control
• Fraud Control
• Passwords
• Identity Management
• Validation
About the Shon Harris Security Series
This online video is part of a complete library of books,
online services, and videos designed to help security professionals
enhance their skills and prepare for their certification exams.
Every product in this series reflects Shon Harris’s unsurpassed
experience in teaching IT security professionals.
Category: Security
System Requirements
OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4
(Tiger) or later
MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card
with speakers
COMPUTER: 500MHz or higher CPU; 128MB RAM or more
Table of Contents
Course Introduction
00:17:17
Domain 1 - Access Controls
00:01:08
Definitions
00:01:05
Access Control Mechanism Examples
00:01:03
Technical Controls
00:00:54
Access Control Characteristics
00:03:25
Preventive Controls
00:00:56
Preventive - Administrative Controls
00:02:20
Detective - Administrative Control
00:02:08
Detective Examples
00:00:48
Administrating Access Control (1)
00:01:25
OS, Application, Database
00:00:36
Administrating Access Control (2)
00:01:00
Authorization Creep
00:00:59
Accountability and Access Control
00:01:26
Trusted Path
00:03:00
Fake Login Pages Look Convincing
00:01:44
Who Are You?
00:02:08
Identification Issues
00:00:48
Authentication Mechanisms Characteristics
00:00:44
Strong Authentication
00:02:01
Fraud Controls
00:02:40
Internal Control Tool: Separation of Duties
00:01:38
Biometrics Technology
00:01:32
Example (1)
00:01:12
Verification Steps
00:01:12
What a Person Is
00:01:00
Biometric Type
00:00:23
Identification or Authentication?
00:01:21
Iris Sampling
00:00:40
Finger Scan
00:00:58
Hand Geometry
00:00:39
Facial Recognition
00:01:44
Comparison
00:00:52
Biometrics Verification
00:01:42
Biometrics Error Types
00:01:59
Crossover Error Rate
00:01:45
Biometric System Types
00:02:52
Passwords
00:00:40
Password Generators
00:00:55
Password Shoulds
00:03:02
Support Issues
00:00:29
Password Attacks
00:01:05
Attack Steps
00:02:50
Many Tools to Break Your Password
00:00:53
Rainbow Table
00:01:27
Passwords Should NOT Contain
00:01:26
Countermeasures for Password Cracking
00:01:06
Cognitive Passwords
00:00:47
One-Time Password Authentication
00:01:36
Synchronous Token
00:01:02
One Type of Solution
00:02:34
Synchronous Steps
00:00:35
Administrator Configures
00:04:30
Asynchronous Token Device
00:00:35
Asynchronous Steps
00:02:52
Challenge Response Authentication (2)
00:01:05
Passphrase Authentication
00:01:30
Key Protection
00:02:15
Smart Card
00:00:56
Characteristics
00:01:09
Card Types
00:00:50
Smart Card Attacks
00:01:34
Software Attack
00:03:11
Microprobing
00:00:53
Identity Management
00:02:19
How Are These Entities Controlled?
00:00:55
Some Current Issues
00:01:22
Management
00:03:01
Typical Chaos
00:00:49
Different Identities
00:01:45
Identity Management Technologies
00:00:48
Directory Component
00:02:05
Directory Responsibilities
00:01:03
Authoritative Sources
00:01:47
Meta Directory
00:02:26
Directory Interactions
00:01:46
Web Access Management
00:01:27
Web Access
00:05:09
Password Management
00:02:21
Legacy Single Sign-On
00:02:47
Account Management Systems
00:02:23
Provisioning Component
00:01:56
Provisioning
00:01:59
Not Just Computers
00:00:46
Profile Update
00:01:29
Working Together
00:03:28
Enterprise Directory (2)
00:01:00
Identity Management Solution Components
00:00:36
Right for Your Company
00:02:17
Federated Identity
00:02:59
Identity Theft
00:01:19
Fake Login Tools
00:00:42
How Do These Attacks Work?
00:00:33
Attempts to Get Your Credentials
00:01:02
Instructional Emails
00:01:26
Knowing What You Are Disposing of Is Important
00:01:18
Other Examples
00:00:46
Another Danger to Be Aware of Spyware
00:02:07
Is Someone Watching You?
00:02:11
What Does This Have to Do with My Computer?
00:01:37
New Spyware Is Being Identified Every Week
00:00:41
Spyware Comes in Many Different Forms
00:01:48
Different Technologies
00:00:56
Single Sign-on Technology
00:02:20
Directory Services as a Single Sign-on Technology
00:01:04
Active Directory
00:00:57
Security Domain
00:01:27
Domains of Trust
00:01:03
Thin Clients
00:00:59
Example (2)
00:01:13
Kerberos as a Single Sign-on Technology
00:00:52
Kerberos Components Working Together
00:01:48
Pieces and Parts
00:01:25
Kerberos Steps
00:09:08
Tickets
00:02:00
Steps of Validation
00:01:16
Kerberos Security
00:01:30
Issues Pertaining to Kerberos
00:01:25
Kerberos Issues
00:01:31
SESAME as a Single Sign-on Technology
00:00:38
SESAME Steps for Authentication
00:02:18
Combo
00:01:22
Models for Access
00:00:54
Access Control Models (1)
00:01:00
ACL Access
00:03:00
Security Issues
00:01:20
Mandatory Access Control Model
00:01:50
MAC Enforcement Mechanism - Labels
00:02:06
Formal Model
00:00:57
Software and Hardware
00:00:58
Software and Hardware Guards
00:01:09
Where Are They Used?
00:00:44
SELinux
00:00:31
MAC versus DAC
00:01:14
Role-Based Access Control
00:01:14
RBAC Hierarchy
00:01:44
RBAC and SoD
00:00:46
Acquiring Rights and Permissions
00:00:47
Rule-Based Access Control
00:02:30
Access Control Matrix (1)
00:01:37
Capability Tables
00:00:34
Temporal Access Control
00:00:54
Access Control Administration
00:00:43
Access Control Methods
00:00:36
Centralized Approach
00:00:54
Remote Centralized Administration
00:01:35
RADIUS
00:00:39
RADIUS Steps
00:00:55
RADIUS Characteristics
00:01:17
TACACS+ Characteristics
00:01:36
Diameter Characteristics
00:02:27
Diameter Protocol
00:01:01
Mobile IP
00:01:36
Diameter Architecture
00:01:41
Two Pieces
00:01:09
AVP
00:03:46
Decentralized Access Control Administration
00:01:45
Controlling Access to Sensitive Data
00:02:01
Protecting Access to System Logs
00:02:05
Accountability = Auditing Events
00:00:44
Access Control Models (2)
00:00:38
Policy versus Model
00:00:52
State Machine
00:02:17
Information Flow
00:01:38
Information Flow Model
00:00:35
Bell-LaPadula
00:05:28
Tranquility Types
00:00:55
Biba
00:01:39
Definition of Integrity
00:00:42
Biba Access Rules
00:02:01
Clark-Wilson
00:00:57
Goals of Model
00:02:03
Clark Wilson Components
00:02:33
Clark-Wilson (Cont.)
00:00:46
Clark-Wilson Model
00:01:34
Non-Interference Model
00:01:22
Lattice-Based Access Control
00:03:29
Access Control Matrix Model
00:00:52
Access Control Matrix (2)
00:01:08
Brewer and Nash Model - Chinese Wall
00:02:10
Take-Grant Model
00:01:29
Domain 1 Review
00:02:00