44 Chapter 1 • General Security Concepts: Access Control, Authentication, and Auditing
Summary of Exam Objectives
In this chapter, you worked on concepts tested in the Security+ exam relating to general security concepts. These objectives include having a working knowledge of the concepts of AAA. These concepts are widely used to support the concept of CIA, by providing the methodology to protect resources and track the access given to them.
We found that as we looked at the separate components of AAA, there were a number of ways to accomplish the goal of controlling the security of our networks and systems by using the appropriate methodologies. We discovered that we have three distinct methods of providing access control. MACs are rules that are defined and hard-coded into operating systems and applications to allow or deny access to services or applications. In the case of DAC, the user or service that owns an object, such as a file, has control of who or what else has the ability to access the file or object, and at what level. Finally, we explored the capabilities of RBAC. This method, while requiring much more initial design and administrative resources to set up, allowed us to refine and sharpen the level of access based on job function, rather than the more general group concept used in the past. This method allows much more flexibility in defining the access level.
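To make the contrast between the three models concrete, the following is an added example (not from the book) that evaluates sample access requests under a MAC label check, a DAC owner-controlled ACL, and an RBAC role-to-permission mapping. All users, labels, roles, and objects are constructed sample data.

```python
"""Added illustration of the three access-control models contrasted above.
Every user, label, role and object here is constructed sample data."""
from dataclasses import dataclass, field

# MAC: sensitivity levels are fixed by the system, not by object owners.
# A subject may read an object only if its clearance dominates the label.
LEVELS = {"public": 0, "internal": 1, "secret": 2}

def mac_allows(subject_clearance: str, object_label: str) -> bool:
    return LEVELS[subject_clearance] >= LEVELS[object_label]

# DAC: the owner of the object maintains its access list and may grant
# other principals access at a chosen level (read, write, ...).
@dataclass
class DacObject:
    owner: str
    acl: dict = field(default_factory=dict)  # user -> set of permissions

    def grant(self, grantor: str, user: str, perm: str) -> bool:
        if grantor != self.owner:  # only the owner controls the ACL
            return False
        self.acl.setdefault(user, set()).add(perm)
        return True

    def allows(self, user: str, perm: str) -> bool:
        return user == self.owner or perm in self.acl.get(user, set())

# RBAC: permissions attach to job functions (roles); users inherit them
# through role assignment rather than through per-user grants.
ROLE_PERMS = {
    "payroll_clerk": {"payroll:read"},
    "payroll_manager": {"payroll:read", "payroll:approve"},
}
USER_ROLES = {"alice": {"payroll_clerk"}, "bob": {"payroll_manager"}}

def rbac_allows(user: str, perm: str) -> bool:
    return any(perm in ROLE_PERMS[r] for r in USER_ROLES.get(user, ()))

def demo() -> dict:
    """Run one request under each model and return the decisions."""
    doc = DacObject(owner="alice")
    doc.grant("alice", "bob", "read")  # owner shares the file read-only
    return {
        "mac_read_up": mac_allows("internal", "secret"),      # denied
        "mac_read_down": mac_allows("secret", "internal"),    # allowed
        "dac_bob_read": doc.allows("bob", "read"),            # allowed
        "dac_bob_write": doc.allows("bob", "write"),          # denied
        "dac_nonowner_grant": doc.grant("bob", "carol", "read"),  # denied
        "rbac_clerk_approve": rbac_allows("alice", "payroll:approve"),  # denied
        "rbac_manager_approve": rbac_allows("bob", "payroll:approve"),  # allowed
    }
```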
We looked at the concept of authentication and found that there are a number of different methods that can be used to authenticate. We looked at the danger of cleartext username and password transmission on our networks, and a number of methods that provide for a stronger verification of the entity requesting the use of our systems or resources. In the realm of authentication, we also looked at the concept of realms and the way they are used by Kerberos to provide authentication services. Certificates, and the CA hierarchy that goes with them, can be used to verify the authenticity of machines, users, software, and communications. We also viewed the concept of using third-party authentication tools such as multi-factor authentication, which can be provided by the use of a PIN and identification card, token technologies, and the use of biometrics and biometric devices.
Further exploration of the AAA components led us to discuss and work with the concept of auditing. It is important to define the appropriate policy that controls, monitors, and evaluates the activity that is occurring in and on our systems. This includes monitoring the conditions of access and the authorization processes to ensure the appropriate levels of control are maintained throughout the system. We learned that it is important to maintain appropriate records, to control access to those records, and to analyze them appropriately to help determine the condition of the system.
www.syngress.com