Chapter 5
Access Control and Identity Management
COMPTIA SECURITY+ EXAM OBJECTIVES COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
- 5.1 Explain the function and purpose of authentication services.
- RADIUS
- TACACS
- TACACS+
- Kerberos
- LDAP
- XTACACS
- 5.2 Explain the fundamental concepts and best practices related to authentication, authorization, and access control.
- Identification vs. authentication
- Authentication (single factor) and authorization
- Multifactor authentication
- Biometrics
- Tokens
- Common access card
- Personal identification verification card
- Smart card
- Least privilege
- Separation of duties
- Single sign-on
- ACLs
- Access control
- Mandatory access control
- Discretionary access control
- Role/rule-based access control
- Implicit deny
- Time of day restrictions ...