Presentation is loading. Please wait.

Presentation is loading. Please wait.

CompTIA Security+ Study Guide (SY0-501)

Published byJane Henderson Modified over 5 years ago

Similar presentations

Presentation on theme: "CompTIA Security+ Study Guide (SY0-501)"— Presentation transcript:

1 CompTIA Security+ Study Guide (SY0-501)
Chapter 4: Identity and Access Management

2 Chapter 4: Identity and Access Management
Given a scenario, use appropriate software tools to assess the security posture of an organization Given a scenario, troubleshoot common security issues Given a scenario, analyze and interpret output from security technologies Compare and contrast identity and access management concepts Given a scenario, install and configure identity and access services Given a scenario, implement identity and access management control

3 Tools to Assess Your Network
Protocol analyzers tcpdump Wireshark Network scanners Solar Winds LanHelper Wireless scanners and crackers Aircrack

4 Tools to Assess Your Network Continued
Password crackers pwdump Ophcrack Vulnerability scanners Nessus MBSA OWASP Zap

5 Command-Line Tools ping netstat tracert nslookup/dig arp
ipconfig/ip/ifconfig nmap netcat

6 Additional Tools General networking tools Honeypots
Steganography tools

7 Troubleshooting Common Security Issues
Access issues Configuration issues Digital certificate issues Personnel issues Other issues

8 Security Technologies
Intrusion detection systems Antimalware Firewalls and related devices Other systems

9 Identification vs. Authentication
Requires a human to intercede and verify that someone is who they say they are Authentication The user may not be who they are supposed to be, but they have indeed given the correct combination of values (such as username and password, tokens, or biometrics) and thus they are authenticated.

10 Authentication (single factor) and authorization
Single-factor authentication (SFA) Username and password Multifactor authentication Multifactor system Two-factor authentication system

11 Biometrics Federations

12 Potential Authentication and Access Problems
Transitive Access One party (A) trusts another party (B). If the second party (B) trusts another party (C), then a relationship can exist where the third party (C) is trusted by the first party (A).

13 LDAP PAP, SPAP, and CHAP Kerberos RADIUS

14 Chapter 4: Access Control, Authentication, and Authorization
TACACS/TACACS+/XTACACS This is a client-server-oriented environment, and it operates in a manner similar to how RADIUS operates. OATH One-time passwords SAML Security Assessment Markup Language

15 Access Control Five primary methods Mandatory access control (MAC)
All access predefined Discretionary access control (DAC) Incorporates some flexibility Role-based access control (RBAC) Allows the user’s role to dictate access capabilities Rule-based access control (RBAC) Limits user to preconfigured policies Attribute-based access control (ABAC) Considers all of the various attributes associated with the subject and object in making the access control decision

16 Smart cards Common access card (CAC)
Personal identification verification card (PIV)

Download ppt "CompTIA Security+ Study Guide (SY0-501)"

Similar presentations

Access Control Chapter 3 Part 3 Pages 209 to 227.

Access Control Chapter 3 Part 3 Pages 209 to 227.
Access Control Methodologies

Access Control Methodologies
Authentication Chapter 2. Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand.

Authentication Chapter 2. Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand.
Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.
Chapter 2.  CIA Model  Host Security VS Network Security  Least Privileges  Layered Security  Access Controls Prepared by Mohammed Saher2.

Chapter 2.  CIA Model  Host Security VS Network Security  Least Privileges  Layered Security  Access Controls Prepared by Mohammed Saher2.
Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.

Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo
OV 11 - 1 Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.
Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Securing Information Systems

Securing Information Systems
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.

Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Cisco’s Secure Access Control Server (ACS)

Cisco’s Secure Access Control Server (ACS)
Module 9: Fundamentals of Securing Network Communication.

Module 9: Fundamentals of Securing Network Communication.
Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

Similar presentations

Ads by Google