Cissp Paper

Only available on StudyMode
  • Download(s) : 62
  • Published : February 8, 2013
Open Document
Text Preview
CI SSP
Certified I nformation System Security Professional
Op basis van de boeken: CISSP Certification, Training Guide, Roberta Bragg The CISSP Prep Guide, Ronald L. Krutz & Russel Dean Vines Samenvatting door Jos Engelhart MSc CISSP

Bezoek ook onze website http://www.enacom.nl.

Table of Contents

1 1.1 1.2 1.3

ACCESS CONTROL SYSTEMS AND METHODOLOGY

1

1.4 1.5

1.6

1.7 1.8

1.9

1.10

AUTHENTICATION AND ACCESS CONTROL ..............................................................1 ACCOUNTABILITY ..........................................................................................1 ACCESS CONTROL TECHNIQUES .........................................................................1 Discretionary Access Control - DAC ..............................................................1 Mandatory Access Control MAC .................................................................1 Lattice-Based Access Control.......................................................................1 Rule-Based Access Control..........................................................................2 Role-based access control...........................................................................2 Access Control Lists ...................................................................................2 ACCESS CONTROL ADMINISTRATION ...................................................................2 Account administration ...............................................................................2 ACCESS CONTROL MODELS / STRATEGIES .............................................................3 Bell-LaPadula ............................................................................................3 Biba .........................................................................................................3 Liptner s Lattice.........................................................................................4 Non-inference Models.................................................................................4 IDENTIFICATION AND AUTHENTICATION TECHNIQUES................................................4 Passwords ................................................................................................4 One-Time Passwords..................................................................................4 Challenge Response ...................................................................................4 Biometrics ................................................................................................4 Tickets .....................................................................................................4 Single Sign-On ..........................................................................................5 ACCESS CONTROL METHODOLOGIES....................................................................5 Centralized/Remote Authentication Access Controls .......................................5 Decentralized Access Control.......................................................................5 METHODS OF ATTACK .....................................................................................5 Brute force ...............................................................................................5 Denial of service........................................................................................5 Spoofing...................................................................................................6 Sniffing ....................................................................................................6 MONITORING ...............................................................................................6 Intrusion detection ....................................................................................6 Intrusion prevention ..................................................................................6 How intrusion detection...
tracking img