Effective access control systems enforce the principle of accountability. Each action taken on a system can be clearly traced back to an individual user without any ambiguity. Administrators can clearly tell who performed an action and the individual can deny responsibility for that action. In this video, learn how access control systems enforce accountability.
- [Presenter] Effective access control systems enforce…the principle of accountability.…Accountability means that every action taken on a system…can be clearly traced back to an individual user…without any ambiguity.…Administrators can clearly tell who performed an action and…the individual can't deny responsibility for that action.…There are two prerequisites for ensuring accountability.…And they are two of the fundamental requirements…for any access control system.…The first is identification.…
Each user of the system must be identified…by a unique identifier, such as a username.…The system and organizational policies must not allow…the use of any shared, departmental or generic accounts.…If two individuals do share an account,…the system cannot distinguish between them…and either of the two users can simply blame the other…for any action taken under the shared account.…Without identification, there is no accountability.…The second important principle is authentication.…
Every account on the system…must be protected by strong authentication,…
You can sign up for Mike's free study group at certmike.com, and find his study guides at the Sybex test prep site. To review the complete CISSP Body of Knowledge, visit https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A complete learning path will be available once all the courses are released.
- Identity and access management overview
- Identification mechanisms: user names, access cards, biometrics, and registration
- Authentication factors
- Password authentication protocols
- Identity as a service (IDaaS)
- Enforcing accountability
- Managing credentials with policies
- Using access control lists
- Defending against access control attacks
Skill Level Advanced
1. Identity and Access Management
5. Credential Management
7. Access Control Attacks
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.