This chapter covers the following topics:
Access Control Process: Concepts discussed include the steps of the access control process.
Physical and Logical Access to Assets: Concepts discussed include access control administration, information access, systems access, device access, and facilities access.
Identification and Authentication Concepts: Concepts discussed include knowledge factors, ownership factors, characteristic factors, location factors, time factors, single- versus multi-factor authentication, and device authentication.
Identification and Authentication Implementation: Concepts discussed include separation of duties, least privilege/need-to-know, default to no access, directory services, ...