Access-Control Systems and Methodology

Table of contents:


Access control is a key component of security. When properly designed, it lets in legitimate users and keeps unauthorized individuals out. Access control has moved far beyond simple usernames and passwords. Modern access-control systems can use physical attributes or biometrics for authentication. Many airports now use biometrics for authentication. Security administrator have more to worry about than just authentication. Many employees now have multiple accounts to keep up with. Luckily, there is a way to consolidate these accounts: single sign-on.

This chapter discusses access-control techniques and the ways to implement control within centralized and decentralized environments. It also discusses some of the threats to access control. Attackers can launch password-cracking attacks to try and gain unauthorized access. If they still cannot get into a system, they might attempt to launch denial-of-service (DoS) attacks to disrupt avail ability to legitimate users. That is why access control is also about detective and corrective measures. It's important to have systems to detect misuse or attacks. One such system is an intrusion-detection system (IDS). IDS systems are also discussed in this chapter.

The CISSP Cram Sheet

A Note from Series Editor Ed Tittel

About the Author


We Want to Hear from You!



The CISSP Certification Exam

Physical Security

Security-Management Practices

Access-Control Systems and Methodology

System Architecture and Models

Telecommunications and Network Security

Applications and Systems-Development Security

Operations Security

Business Continuity Planning

Law, Investigations, and Ethics


Practice Exam 1

Answers to Practice Exam 1

Practice Exam 2

Answers to Practice Exam 2

CISSP Exam Cram 2
CISSP Exam Cram 2
ISBN: 078973446X
EAN: 2147483647
Year: 2003
Pages: 204
Authors: Michael Gregg © 2008-2020.
If you may any questions please contact us: