Abstract

Access Control, the topic of this chapter and Domain 1 of the CISSP, presents numerous critically important terms and concepts that permeate several domains. This chapter introduces the CIA triad of confidentiality, integrity, and availability, which is touched upon in virtually every domain and chapter. In addition to CIA, concepts such as the principle of least privilege and need to know are presented. The application of these principles in the form of access control models such as Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Role-Based Access Control (RBAC) represents a significant amount of this domain's material. Understanding the key categories of access control defenses (preventive, detective, corrective, recovery, deterrent, and compensating controls) is necessary for this and numerous other domains. The final major content area in this chapter deals with authentication, introducing methods, protocols, and concepts related to ensuring an identity claim can be validated appropriately.
