Chapter 1. Access Control

The Access Control domain covers a variety of different controls used to identify subjects, authenticate them, and control the access they are granted to different objects by controlling rights and permissions. Audit trails are an important element of accounting and logging and, combined with effective authentication, provide individual accountability. Access control attacks are common, and it’s important for security professionals to have a basic understanding of evaluating threats and analyzing vulnerabilities to determine overall risk. Ideally, access controls are implemented to fully support an organization’s security policy, and a way to verify this is through access reviews and audits. These reviews and audits can ...

Get CISSP Rapid Review now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.