After reading this chapter and completing the exercises, you will be able to do the following:
Explain access control fundamentals.
Apply the concepts of default deny, need-to-know, and least privilege.
Understand secure authentication.
Protect systems from risks associated with Internet connectivity, remote access, and telework environments.
Manage and monitor user and administrator access.
Develop policies to support access control management.
What could be more essential to security than managing access to information and information systems? The primary objective of access controls is to protect information and information systems from unauthorized access (confidentiality), modification ...