Waleed Elnaggar, profile picture
Uploaded byWaleed Elnaggar
347 views

CC 3-3 Logical access controls.pdf

This document discusses access control concepts and models. It covers physical and logical access controls, as well as different control types like technical controls and federated identity. Access control models described include discretionary access control (DAC), mandatory access control (MAC), role-based access control (RBAC), rule-based access control (RuBAC), and attribute-based access control (ABAC). Administrative access controls like job rotation and mandatory vacation are also mentioned.

Education
In this document
Powered by AI

Introduction to Access Control Concepts covering physical and logical aspects.

Overview of control categories and types relevant to access control.

Technical controls include hardware/software like firewalls and IDS for system protection.

Federated identity allows secure access to multiple applications with one set of credentials.

Discussion on different access control models used in various security frameworks.

DAC restricts access based on user identity; utilizes access control lists.

Advantages include user-friendliness and flexibility; downsides involve low data protection.

MAC employs classification labels for access based on subjects’ clearance levels.

RBAC assigns privileges to roles for managing permissions efficiently.

RuBAC applies rules to determine acceptable actions based on time, location, etc.

ABAC creates access rules using Boolean logic to define conditions for actions.

Administrative controls include job rotation, mandatory vacation, NDAs, and background checks.

Conclusion of the presentation with reference to resource links.

Embed presentation

Domain 3 – Access Control Concepts 3.1: Access Control Concepts 3.2: Physical access controls 3.3: Logical access controls Waleed Elnaggar https://www.youtube.com/naggaracademy
Categories of Controls https://www.youtube.com/naggaracademy
Control Types https://www.youtube.com/naggaracademy
Technical Control https://www.youtube.com/naggaracademy  Technical controls consist of the hardware and software components that protect a system.  Firewalls, intrusion detection systems (IDS), encryption, and identification and authentication mechanisms are examples of technical controls
Federated Identity https://www.youtube.com/naggaracademy  Federated identity allows authorized users to access multiple applications and domains using a single set of credentials.  It links a user's identity across multiple identity management systems so they can access different applications securely and efficiently.
Access Control Models https://www.youtube.com/naggaracademy
Discretionary access control (DAC) https://www.youtube.com/naggaracademy  Discretionary access control is the principle of restricting access to objects based on the identity of the subject (the user or the group to which the user belongs).  Discretionary access control is implemented using access control lists.  DAC shouldn’t be used by organizations that work with extremely sensitive data (medical, financial, military, etc.)
Discretionary access control (DAC) https://www.youtube.com/naggaracademy Pros Cons  User-friendly — Users can manage their data and quickly access data of other users.  Flexible — Users can configure data access parameters without administrators.  Easy to maintain — Adding new objects and users doesn’t take much time for the administrator.  Granular — Users can configure access parameters for each piece of data.  Low level of data protection — DAC can’t ensure reliable security because users can share their data however they like.  Obscure access management — There’s no centralized access management, so in order to find out access parameters, you have to check each ACL.  Overlay of user privileges— A permissions conflict may happen with users of multiple nested workgroups.
Mandatory Access Control (MAC) https://www.youtube.com/naggaracademy  Relies on the use of classification labels. Each classification label represents a security domain, or a realm of security.  Subjects are granted access level (clearance)  Access is allowed when subject access level matches object access label.  Centralized  Confidentiality is important
Role-Based Access Control (RBAC) https://www.youtube.com/naggaracademy  Administrators assign privileges to the roles rather than users.  Enforce the principle of least privilege by preventing  privilege creep  Administrators can easily revoke unneeded privileges  Useful in dynamic environments with frequent personnel changes
Rule-Based Access Control (RuBAC) https://www.youtube.com/naggaracademy  Uses a set of rules, restrictions, or filters to determine what can and cannot occur on a system  Time, location, date, sequence, etc.
Attribute-based Access Control (ABAC) https://www.youtube.com/naggaracademy ABAC uses Boolean logic to create access rules containing if-then statements, which define the user, the request, the resource, and the action. For example, if the requester is an accountant, then allow read-write access to financial data.
Administrative Access Control https://www.youtube.com/naggaracademy  Job Rotation  Mandatory Vacation  Non-Disclosure Agreement (NDA)  Background Check
https://www.youtube.com/naggaracademy

More Related Content

PDF
CIA-Triad-Presentation.pdf
byBabyBoy55
 
PPTX
Whitman_Ch05.pptx
bySiphamandla9
 
PPT
Role based access control
byPeter Edwards
 
PPT
Information Security Principles - Access Control
byidingolay
 
PDF
Footprinting
byDuah John
 
PPTX
XML Signature
byPrabath Siriwardena
 
PDF
Secure Session Management
byGuidePoint Security, LLC
 
PPTX
Online quiz system
bySatyaki Mitra
 
CIA-Triad-Presentation.pdf
byBabyBoy55
 
Whitman_Ch05.pptx
bySiphamandla9
 
Role based access control
byPeter Edwards
 
Information Security Principles - Access Control
byidingolay
 
Footprinting
byDuah John
 
XML Signature
byPrabath Siriwardena
 
Secure Session Management
byGuidePoint Security, LLC
 
Online quiz system
bySatyaki Mitra
 

What's hot

PDF
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
byLenur Dzhemiliev
 
PDF
The Unintended Risks of Trusting Active Directory
byWill Schroeder
 
PPTX
Access Controls
byprimeteacher32
 
PPT
Ch08 Authentication
byInformation Technology
 
PDF
The Essentials | Privileged Access Management
byRyan Gallavin
 
PDF
Palo Alto VM-100 Configuration Lab
byMykhaylo Skrypka
 
PPT
Fortigate Training
byNCS Computech Ltd.
 
PDF
HIPAA HiTech Security Assessment
bydata brackets
 
PPTX
Scada Industrial Control Systems Penetration Testing
byYehia Elghaly
 
PPTX
Footprinting and reconnaissance
byNishaYadav177
 
PPTX
Octave
byAmar Myana
 
PPT
Sql injection attack
byRajKumar Rampelli
 
PPTX
Sql injection - security testing
byNapendra Singh
 
PDF
Cybersecurity in Industrial Control Systems (ICS)
byJoan Figueras Tugas
 
PPT
Fortinet FortiOS 5 Presentation
byNCS Computech Ltd.
 
PPTX
Snmp protocol
byEM Kautsar
 
PDF
SAML Protocol Overview
byMike Schwartz
 
PPTX
Authentication, authorization, accounting(aaa) slides
byrahul kundu
 
PPTX
John the ripper & hydra password cracking tool
byMd. Raquibul Hoque
 
PPT
Network management
byMohd Arif
 
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
byLenur Dzhemiliev
 
The Unintended Risks of Trusting Active Directory
byWill Schroeder
 
Access Controls
byprimeteacher32
 
Ch08 Authentication
byInformation Technology
 
The Essentials | Privileged Access Management
byRyan Gallavin
 
Palo Alto VM-100 Configuration Lab
byMykhaylo Skrypka
 
Fortigate Training
byNCS Computech Ltd.
 
HIPAA HiTech Security Assessment
bydata brackets
 
Scada Industrial Control Systems Penetration Testing
byYehia Elghaly
 
Footprinting and reconnaissance
byNishaYadav177
 
Octave
byAmar Myana
 
Sql injection attack
byRajKumar Rampelli
 
Sql injection - security testing
byNapendra Singh
 
Cybersecurity in Industrial Control Systems (ICS)
byJoan Figueras Tugas
 
Fortinet FortiOS 5 Presentation
byNCS Computech Ltd.
 
Snmp protocol
byEM Kautsar
 
SAML Protocol Overview
byMike Schwartz
 
Authentication, authorization, accounting(aaa) slides
byrahul kundu
 
John the ripper & hydra password cracking tool
byMd. Raquibul Hoque
 
Network management
byMohd Arif
 

Similar to CC 3-3 Logical access controls.pdf

PPT
2. access control
by7wounders
 
PDF
Chapter 3 access control fundamental i
bySyaiful Ahdan
 
PPT
Attribute Based Access Control
byChandra Sharma
 
PPT
4_5949547032388570388.ppt
byMohammedMohammed578197
 
PPTX
484444398-Chapter-11-Access-Control-Fundamentals.pptx
bysomeoneelse1981
 
PPTX
Access Control for Database Priciples IS
byerricnocteam
 
PPTX
Access Control in internet and computer science.pptx
bymoromoro8
 
PPT
Chapter 5-Security Mechanisms and Techniques.ppt
byLina Shimelis
 
PPTX
Access-Controls System Integragation Administration.pptx
bywenzduke3098
 
PPTX
009 Authentication and Access Control.pptx
byAssadLeo1
 
PPTX
Access Control Methods presentation.pptx
byGrade One Essays
 
PDF
Access Control Fundamentals
bySetiya Nugroho
 
PPT
Access control mechanism (DAC, MAC and RBAC).ppt
byDAKSHATAPANCHAL2
 
PPTX
Lecture-12-ACL_information_Security.pptx
byhomecooking511
 
PPT
access control information security professor hossein saiedian fall 2014
bymaneltighiouart7
 
PPT
AccessControl.ppt
byDAKSHATAPANCHAL2
 
PPT
Access control3
byAwhydot
 
PPT
Access control3
byAwhydot
 
PPTX
Types_of_Access_Controlsggggggggggggggggg
bySaurabh846965
 
PDF
access-control-week-2
byjemtallon
 
2. access control
by7wounders
 
Chapter 3 access control fundamental i
bySyaiful Ahdan
 
Attribute Based Access Control
byChandra Sharma
 
4_5949547032388570388.ppt
byMohammedMohammed578197
 
484444398-Chapter-11-Access-Control-Fundamentals.pptx
bysomeoneelse1981
 
Access Control for Database Priciples IS
byerricnocteam
 
Access Control in internet and computer science.pptx
bymoromoro8
 
Chapter 5-Security Mechanisms and Techniques.ppt
byLina Shimelis
 
Access-Controls System Integragation Administration.pptx
bywenzduke3098
 
009 Authentication and Access Control.pptx
byAssadLeo1
 
Access Control Methods presentation.pptx
byGrade One Essays
 
Access Control Fundamentals
bySetiya Nugroho
 
Access control mechanism (DAC, MAC and RBAC).ppt
byDAKSHATAPANCHAL2
 
Lecture-12-ACL_information_Security.pptx
byhomecooking511
 
access control information security professor hossein saiedian fall 2014
bymaneltighiouart7
 
AccessControl.ppt
byDAKSHATAPANCHAL2
 
Access control3
byAwhydot
 
Access control3
byAwhydot
 
Types_of_Access_Controlsggggggggggggggggg
bySaurabh846965
 
access-control-week-2
byjemtallon
 

More from Waleed Elnaggar

PDF
CC 3-1 Access Control Concepts.pdf
byWaleed Elnaggar
 
PDF
CC 1-2 Risk Management.pdf
byWaleed Elnaggar
 
PDF
CC 2-1 Incident response.pdf
byWaleed Elnaggar
 
PDF
CC 1-3 Security Controls.pdf
byWaleed Elnaggar
 
PDF
CC 3-2 Physical access controls.pdf
byWaleed Elnaggar
 
PPT
Introduction to Project Management
byWaleed Elnaggar
 
PDF
CC 4-1A computer networking (Part 1).pdf
byWaleed Elnaggar
 
PDF
CC 1-1 Concepts of InfoSec.pdf
byWaleed Elnaggar
 
PDF
CC 1-5 Governance.pdf
byWaleed Elnaggar
 
PDF
CC 0-1 Introduction.pdf
byWaleed Elnaggar
 
PDF
CC 2-3 Disaster Recovery.pdf
byWaleed Elnaggar
 
PDF
PMP Application - Step by Step
byWaleed Elnaggar
 
PDF
Shopping World - A Project Planning Case
byWaleed Elnaggar
 
CC 3-1 Access Control Concepts.pdf
byWaleed Elnaggar
 
CC 1-2 Risk Management.pdf
byWaleed Elnaggar
 
CC 2-1 Incident response.pdf
byWaleed Elnaggar
 
CC 1-3 Security Controls.pdf
byWaleed Elnaggar
 
CC 3-2 Physical access controls.pdf
byWaleed Elnaggar
 
Introduction to Project Management
byWaleed Elnaggar
 
CC 4-1A computer networking (Part 1).pdf
byWaleed Elnaggar
 
CC 1-1 Concepts of InfoSec.pdf
byWaleed Elnaggar
 
CC 1-5 Governance.pdf
byWaleed Elnaggar
 
CC 0-1 Introduction.pdf
byWaleed Elnaggar
 
CC 2-3 Disaster Recovery.pdf
byWaleed Elnaggar
 
PMP Application - Step by Step
byWaleed Elnaggar
 
Shopping World - A Project Planning Case
byWaleed Elnaggar
 

Recently uploaded

PDF
The voice of the rain poem class 11th.pdf
byReeta Baral
 
PPTX
Accounting Skills Paper-II (Registers of PACs and Credit Co-operative Societies)
byDr. Sushil Bansode
 
PPTX
AN EXTREMELY BORING GENERAL QUIZ FOR UG.pptx
bySriramG47
 
PPTX
Pig- piggy bank in Big Data Analytics.ppt.pptx
byVarshini M
 
PDF
Biology Practical Class 12th 2025 PDF(2)-2-52.pdf
bySCPRPWomenCollegeChi
 
PPTX
PARENTAL ROUTES OF DRUGS ADMINISTRATION .pptx
byAneetaSharma15
 
PPTX
Overview of how to Create a Model in Odoo 18
byCeline George
 
PDF
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
PPTX
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
PPTX
How to Track a Link Using Odoo 18 SMS Marketing
byCeline George
 
PPTX
How to Manage Package Reservation in Odoo 18 Inventory
byCeline George
 
PDF
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
PPTX
Steve Hale - Developing Elite Young Goalkeepers 2024.pptx
bypjmfd
 
PDF
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
PPTX
Semester 6 Unit 2 Club foot (talipes).pptx
bysachin7989
 
PDF
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
PDF
International Men's Day Event: Breaking the Silence: Embracing Vulnerability ...
byAssociation for Project Management
 
PPTX
REVISED DEFENSE MECHANISM / ADJUSTMENT MECHANISM-FINAL
byShimla
 
PDF
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
PPTX
ATTENTION -PART 2.pptx Shilpa Hotakar for I semester BSc students
bySHILPA HOTAKAR
 
The voice of the rain poem class 11th.pdf
byReeta Baral
 
Accounting Skills Paper-II (Registers of PACs and Credit Co-operative Societies)
byDr. Sushil Bansode
 
AN EXTREMELY BORING GENERAL QUIZ FOR UG.pptx
bySriramG47
 
Pig- piggy bank in Big Data Analytics.ppt.pptx
byVarshini M
 
Biology Practical Class 12th 2025 PDF(2)-2-52.pdf
bySCPRPWomenCollegeChi
 
PARENTAL ROUTES OF DRUGS ADMINISTRATION .pptx
byAneetaSharma15
 
Overview of how to Create a Model in Odoo 18
byCeline George
 
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
How to Track a Link Using Odoo 18 SMS Marketing
byCeline George
 
How to Manage Package Reservation in Odoo 18 Inventory
byCeline George
 
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
Steve Hale - Developing Elite Young Goalkeepers 2024.pptx
bypjmfd
 
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
Semester 6 Unit 2 Club foot (talipes).pptx
bysachin7989
 
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
International Men's Day Event: Breaking the Silence: Embracing Vulnerability ...
byAssociation for Project Management
 
REVISED DEFENSE MECHANISM / ADJUSTMENT MECHANISM-FINAL
byShimla
 
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
ATTENTION -PART 2.pptx Shilpa Hotakar for I semester BSc students
bySHILPA HOTAKAR
 

CC 3-3 Logical access controls.pdf

  • 1.
    Domain 3 –Access Control Concepts 3.1: Access Control Concepts 3.2: Physical access controls 3.3: Logical access controls Waleed Elnaggar https://www.youtube.com/naggaracademy
  • 2.
  • 3.
  • 4.
    Technical Control https://www.youtube.com/naggaracademy  Technicalcontrols consist of the hardware and software components that protect a system.  Firewalls, intrusion detection systems (IDS), encryption, and identification and authentication mechanisms are examples of technical controls
  • 5.
    Federated Identity https://www.youtube.com/naggaracademy  Federatedidentity allows authorized users to access multiple applications and domains using a single set of credentials.  It links a user's identity across multiple identity management systems so they can access different applications securely and efficiently.
  • 6.
  • 7.
    Discretionary access control(DAC) https://www.youtube.com/naggaracademy  Discretionary access control is the principle of restricting access to objects based on the identity of the subject (the user or the group to which the user belongs).  Discretionary access control is implemented using access control lists.  DAC shouldn’t be used by organizations that work with extremely sensitive data (medical, financial, military, etc.)
  • 8.
    Discretionary access control(DAC) https://www.youtube.com/naggaracademy Pros Cons  User-friendly — Users can manage their data and quickly access data of other users.  Flexible — Users can configure data access parameters without administrators.  Easy to maintain — Adding new objects and users doesn’t take much time for the administrator.  Granular — Users can configure access parameters for each piece of data.  Low level of data protection — DAC can’t ensure reliable security because users can share their data however they like.  Obscure access management — There’s no centralized access management, so in order to find out access parameters, you have to check each ACL.  Overlay of user privileges— A permissions conflict may happen with users of multiple nested workgroups.
  • 9.
    Mandatory Access Control(MAC) https://www.youtube.com/naggaracademy  Relies on the use of classification labels. Each classification label represents a security domain, or a realm of security.  Subjects are granted access level (clearance)  Access is allowed when subject access level matches object access label.  Centralized  Confidentiality is important
  • 10.
    Role-Based Access Control(RBAC) https://www.youtube.com/naggaracademy  Administrators assign privileges to the roles rather than users.  Enforce the principle of least privilege by preventing  privilege creep  Administrators can easily revoke unneeded privileges  Useful in dynamic environments with frequent personnel changes
  • 11.
    Rule-Based Access Control(RuBAC) https://www.youtube.com/naggaracademy  Uses a set of rules, restrictions, or filters to determine what can and cannot occur on a system  Time, location, date, sequence, etc.
  • 12.
    Attribute-based Access Control(ABAC) https://www.youtube.com/naggaracademy ABAC uses Boolean logic to create access rules containing if-then statements, which define the user, the request, the resource, and the action. For example, if the requester is an accountant, then allow read-write access to financial data.
  • 13.
    Administrative Access Control https://www.youtube.com/naggaracademy Job Rotation  Mandatory Vacation  Non-Disclosure Agreement (NDA)  Background Check
  • 14.