Your browser doesn't support the features required by impress.js, so you are presented with a simplified version of this presentation.

For the best experience please use the latest Chrome, Safari or Firefox browser.

Chapters 13 & 14

Access Management


Access control

Subjects vs Objects

Access control types

Access control implementations

IT Loss Types





Authentication factor types

  1. Something you know
  2. Something you have
  3. Something you are/do
  4. Somewhere you are

Type 2


Multifactor Authentication

Device Authentication

Identity Management

Single Sign On (SSO)

Lightweight Directory Access Protocol: LDAP

Ticket authentication

Federated Identity Management

Credential Storage Systems

Session management

AAA Protocols

Identity and Access Provisioning Life Cycle

Access control issues

Authorization Mechanisms

Discretionary Access Controls

Non-discretionary Access Controls

Risk Elements

Access Control Attacks