CompTIA Security+ (SY0-401) Access Control and Identity Management
This course covers domain 05 of the CompTIA Security+ SY0-401 certification exam. It deals with controlling user access and with identity management tools and techniques. Access control and identity management are crucial to maintaining a secure environment. Various hardware controls like RADIUS, TACACS+ and XTACACS are covered, along with directory services and authentication services like Kerberos, LDAP, SAML, and Secure LDAP. The differences between identification, authentication, and authorization are covered, along with the various tools used to ensure users are connected securely with access to the resources they need. Technologies and concepts including tokens, multifactor authentication, TOTP, HOTP, CHAP, and PAP are covered, along with authentication factors.

Authentication Services: Module Overview; RADIUS; TACACS, XTACACS; TACACS+; Kerberos; LDAP; Secure LDAP; SAML; Module Review

Authentication, Authorization, and Access Control: Review; Identification vs. Authentication vs. Authorization; Identification; Personal Identification Verification Card; Username; Authentication; Tokens; Common Access Card; Multifactor Authentication; TOTP; HOTP; CHAP; PAP; Single Sign-on; Access Control; Implicit Deny; Trusted OS; Authentication Factors; Authorization; Separation of Duties; ACLs; Mandatory Access Control; Discretionary Access Control; Role Based and Rule Based Access Control (RBAC); Time of Day Restrictions; Federation; Transitive Trust/Authentication; Module Review

Account Management Security Controls: Module Overview; User with Multiple Accounts; Shared Accounts; Account Policy Management; Group Policy; Password Complexity; Expiration; Recovery; Disablement; Lockout; Password History; Password Reuse; Password Length; Generic Account Prohibition; Group Based Privileges; User Assigned Privileges; User Access Reviews; Continuous Monitoring; Module Review

01. Authentication Services
01_01-Module Overview
01_02-RADIUS
01_03-TACACS, XTACACS
01_04-TACACS
01_05-Kerberos
01_06-LDAP
01_07-Secure LDAP
01_08-SAML
01_09-Module Review

02. Authentication, Authorization, and Access Control
02_01-Review
02_02-Identification vs. Authentication vs. Authorization
02_03-Identification
02_04-Personal Identification Verification Card
02_05-Username
02_06-Authentication
02_07-Tokens
02_08-Common Access Card
02_09-Multifactor Authentication
02_10-TOTP
02_11-HOTP
02_12-CHAP
02_13-PAP
02_14-Single Signon
02_15-Access Control
02_16-Implicit Deny
02_17-Trusted OS
02_18-Authentication Factors
02_19-Authorization
02_20-Separation of Duties
02_21-ACLs
02_22-Mandatory Access Control
02_23-Discretionary Access Control
02_24-Role Based and Rule Based Access Control RBAC
02_25-Time of Day Restrictions
02_26-Federation
02_27-Transitive TrustAuthentication
02_28-Module Review

03. Account Management Security Controls
03_01-Module Overview
03_02-User with Multiple Accounts
03_03-Shared Accounts
03_04-Account Policy Management
03_05-Group Policy
03_06-Password Complexity
03_07-Expiration
03_08-Recovery
03_09-Disablement
03_10-Lockout
03_11-Password History
03_12-Password Reuse
03_13-Password Length
03_14-Generic Account Prohibition
03_15-Group Based Privileges
03_16-User Assigned Privileges
03_17-User Access Reviews
03_18-Continuous Monitoring
03_19-Module Review