Join Mike Chapple for an in-depth discussion in this video Mandatory access controls, part of CompTIA Security+ Exam Prep (SY0-401): Access Control and Identity Management.
- View Offline
- Mandatory access control systems…are the most stringent type of access control.…In mandatory access control, or MAC systems,…the operating system itself…restricts the permissions that may be granted…to users and processes on system resources.…Users themselves cannot modify permissions.…For this reason, MAC is rarely fully implemented…on production systems outside of highly secure environments.…MAC is normally implemented…as a rule-based access control system…where users and resources have labels…and the operating system makes access control decisions…by comparing those labels.…
The most common example…of an operating system implementing MAC…is Security-Enhanced Linux, or SELinux.…A Linux kernel security module…developed by the US National Security Agency in the 1990s…and included in some Linux distributions,…including Red Hat Enterprise Linux, Centos, and Fedora.…As far as the Security+ exam goes,…that's really all you need to know about…mandatory access controls,…but I'd like to give you a little more insight…
Author Mike Chapple, an IT leader with over 15 years experience, introduces identification methods such as usernames and biometrics, as well as authentication methods to verify users, including multifactor authentication, password authentication, and single sign-on. He also discusses authorization concepts such as mandatory and discretionary access controls, which can help you restrict access to sensitive parts of your network. The course also covers best practices for ongoing account management, such as establishing a good password policy, managing user roles, and monitoring accounts, and what to do when you need to suspend or terminate access.
NOTE: We are now a CompTIA Content Publishing Partner. Our training prepares members to pass CompTIA certification exams and become qualified IT professionals. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Setting policies for usernames and access cards
- Implementing biometrics
- Combining authentication factors for multifactor authentication
- Using a Kerberos access control system
- Using access control lists such as Windows NTFS file permissions
- Role-based authorization
- Implementing account and password policies