CISSP Video Course Domain 2 - Access Control

Video description

The fast, powerful way to prepare for your CISSP exam!

30+ hours of personal video training from leading security expert Shon Harris

Achieving the (ISC)2’s globally recognized CISSP can give your IT career a lift. In this DVD, the world’s #1 CISSP trainer brings her legendary five-day boot camp to your computer screen. Packed with over 30 hours of instruction adapted from Shon’s classes, this video course includes realistic labs, scenarios, case studies, and animations designed to build and test your knowledge in real-world settings. Preparing for the CISSP has never been this easy or convenient.

Master the skills and concepts you need for all ten CISSP common body of knowledge domains:

  • Access Control
  • Application Security
  • Business Continuity and Disaster Recovery Planning
  • Cryptography
  • Information Security and Risk Management
  • Legal, Regulations, Compliance, and Investigations
  • Operations Security
  • Physical (Environmental) Security
  • Security Architecture and Design
  • Telecommunications and Network Security

System Requirements

OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4 (Tiger) or later
MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card with speakers
COMPUTER: 500MHz or higher CPU; 128MB RAM or more

Table of contents

  1. Course Introduction
  2. Domain 2 - Access Control
  3. Agenda 1
  4. Access Control Mechanism Examples
  5. Technical Controls
  6. Access Control Characteristics
  7. Preventive Controls
  8. Control Combinations
  9. Detective - Administrative Control
  10. Detective Examples
  11. Administrating Access Control
  12. Authorization Creep
  13. Accountability and Access Control
  14. Trusted Path
  15. Fake Login Pages Look Convincing
  16. Who Are You?
  17. Identification Issues
  18. Authentication Mechanisms Characteristics
  19. Strong Authentication
  20. Fraud Controls
  21. Internal Control Tool: Separation of Duties
  22. Authentication Mechanisms in Use Today
  23. Verification Steps
  24. What a Person Is
  25. Why Use Biometrics?
  26. Identification or Authentication?
  27. Iris Sampling
  28. Finger Scan
  29. Hand Geometry
  30. Downfalls to Biometric Use
  31. Biometrics Error Types
  32. Crossover Error Rate
  33. Biometric System Types
  34. Passwords
  35. Password Attacks
  36. Attack Steps
  37. Many Tools to Break Your Password
  38. Rainbow Table
  39. Passwords Should NOT Contain...
  40. Countermeasures for Password Cracking
  41. Cognitive Passwords
  42. One-Time Password Authentication
  43. Synchronous Token
  44. One Type of Solution
  45. Administrator Configures
  46. Challenge Response Authentication
  47. Asynchronous Token Device
  48. Challenge Response Authentication
  49. Cryptographic Keys
  50. Passphrase Authentication
  51. Key Protection
  52. Memory Cards
  53. Memory Card Characteristics
  54. Smart Card
  55. Characteristics
  56. Card Types
  57. Smart Card Attacks
  58. Software Attack
  59. Side Channel Attack
  60. Side Channel Data Collection
  61. Microprobing
  62. Identity Management
  63. How Are These Entities Controlled?
  64. Some Current Issues
  65. Management
  66. Typical Chaos
  67. Different Identities
  68. Identity Management Technologies
  69. Directory Component
  70. Enterprise Directory
  71. Directory Responsibilities
  72. Authoritative Sources
  73. Meta Directory
  74. Directory Interactions
  75. Web Access Management
  76. Web Access
  77. Password Management
  78. Legacy Single Sign-On
  79. Account Management Systems
  80. Provisioning Component
  81. Profile Update
  82. Working Together
  83. Enterprise Directory
  84. Identity Management Solution Components
  85. Federated Identity
  86. Identity Theft
  87. Fake Login Tools
  88. Instructional Emails
  89. Knowing What You Are Disposing of Is Important
  90. Other Examples
  91. Another Danger to Be Aware of... Spyware
  92. Is Someone Watching You?
  93. What Does This Have to Do with My Computer?
  94. New Spyware Is Being Identified Every Week
  95. How to Prevent Spyware
  96. Different Technologies
  97. Single Sign-on Technology
  98. Security Domain
  99. Domains of Trust
  100. Thin Clients
  101. Example
  102. Kerberos as a Single Sign-on Technology
  103. Tickets
  104. Why Go Through All of this Trouble?
  105. Issues Pertaining to Kerberos
  106. Kerberos Issues
  107. SESAME as a Single Sign-on Technology
  108. SESAME Steps for Authentication
  109. Combo
  110. Models for Access
  111. Access Control Models
  112. ACL Access
  113. File Permissions
  114. Security Issues
  115. Mandatory Access Control Model
  116. MAC Enforcement Mechanism - Labels
  117. Formal Model
  118. Software and Hardware
  119. Software and Hardware Guards
  120. MAC versus DAC
  121. Role-Based Access Control
  122. RBAC Hierarchy
  123. Rule-Based Access Control
  124. Firewall Example
  125. Access Control Matrix
  126. Temporal Access Control
  127. Access Control Administration
  128. Remote Centralized Administration
  129. RADIUS
  130. RADIUS Characteristics
  131. TACACS+ Characteristics
  132. Diameter Characteristics
  133. Diameter Protocol
  134. Mobile IP
  135. Diameter Architecture
  136. Two Pieces
  137. AVP
  138. Decentralized Access Control Administration
  139. Controlling Access to Sensitive Data
  140. IDS
  141. IDS Steps
  142. Network IDS Sensors
  143. Host IDS
  144. Combination
  145. Types of IDSs
  146. Signature-Based Example
  147. Behavior-Based IDS
  148. Statistical Anomaly
  149. Statistical IDS
  150. Protocol Anomaly
  151. What Is a Protocol Anomaly?
  152. Protocol Anomaly Issues
  153. Traffic Anomaly
  154. IDS Response Mechanisms
  155. Responses to Attacks
  156. IDS Issues
  157. Vulnerable IDS
  158. Domain 2 Review

Product information

  • Title: CISSP Video Course Domain 2 - Access Control
  • Author(s):
  • Release date: May 2009
  • Publisher(s): Pearson IT Certification
  • ISBN: 9780789740144