Chapter 1. Access Control

The Access Control domain covers a variety of different controls used to identify subjects, authenticate them, and control the access they are granted to different objects by controlling rights and permissions. Audit trails are an important element of accounting and logging and, combined with effective authentication, provide individual accountability. Access control attacks are common, and it’s important for security professionals to have a basic understanding of evaluating threats and analyzing vulnerabilities to determine overall risk. Ideally, access controls are implemented to fully support an organization’s security policy, and a way to verify this is through access reviews and audits. These reviews and audits can ...

Get CISSP Rapid Review now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.