ABSTRACT

CISSP Expectations
Key Access Control Concepts
Access Control Principles
Information Classification
Access Control Requirements
Access Control Categories
Access Control Types
System Access Control Strategies
Identity Management
Access Control Technologies
Data Access Controls
Intrusion Detection and Intrusion Prevention Systems
Threats
Summary and Conclusion
Review Questions

Introduction

The field of information security is complex, dynamic, and infinitely challenging. This single discipline contains elements of advanced technology, human behavior, business strategy, statistical analysis, mathematics, and a host of other technical and personal skills. In fact, the field can be so complex that categorizing it for the CBK® takes ten distinct domains, each with its own unique skill and knowledge requirements. Despite all this complexity, however, the fundamental purpose of all information security efforts remains the same: to protect the confidentiality, integrity, and availability of information assets. Furthermore, the most fundamental way of doing this is to ensure that only those who have a specific need for an asset, combined with specific authoritative permission, will be able to access that asset.