Join Mike Chapple for an in-depth discussion in this video, Advanced authorization concepts, part of CompTIA Security+ Exam Prep (SY0-401): Access Control and Identity Management.
- As we wrap up our discussion of authorization concepts, let's talk about a few advanced issues related to authorization in an access control system. We need to discuss the implicit deny principle, rule-based authorization, role-based authorization, and time of day restrictions. The Implicit Deny Principle, otherwise known as Default Deny, is one of the foundational principles of access control systems. It says that anything that is not explicitly allowed should be denied.
If a computer system doesn't have explicit instructions on how to handle a situation, it should default to denying access. Firewalls are a common example of the default deny principle in action. When a firewall receives a connection request, it first consults its rules to determine whether a rule explicitly addresses this situation. If the firewall finds a matching rule, it carries out the action specified by that rule. If the firewall does not have explicit guidance on handling a request, it blocks the connection.
The default deny principle…
Author Mike Chapple, an IT leader with over 15 years of experience, introduces identification methods such as usernames and biometrics, as well as authentication methods to verify users, including multifactor authentication, password authentication, and single sign-on. He also discusses authorization concepts such as mandatory and discretionary access controls, which can help you restrict access to sensitive parts of your network. The course also covers best practices for ongoing account management, such as establishing a good password policy, managing user roles, and monitoring accounts, and what to do when you need to suspend or terminate access.
- Setting policies for usernames and access cards
- Implementing biometrics
- Combining authentication factors for multifactor authentication
- Using a Kerberos access control system
- Using access control lists such as Windows NTFS file permissions
- Role-based authorization
- Implementing account and password policies
Skill Level: Intermediate
Q: This course was updated on 04/14/2016. What changed?
A: We updated one tutorial to address the November 2015 security update to Kerberos.