Chapter 1

Access Control Framework

Topics
- Principal components of access control
- Identification, authentication, and authorization
- Logical access controls
- Authentication factors

Chapter 2

Buisness Drivers for Access Control

Topics
- Business requirements for asset protection
- Classification of information
- Business drivers for access control
- Privacy and privacy laws

Chapter 3

Human Nature and Organizational Behaviors

Topics
- Human nature
- Access control considerations for human resources
- Security practices for human resources
- Best practices for managing human risks

Chapter 4

Assessing Risk and its Impact on Access Control

Topics
- Terms and concepts involved with risk assessments and access control
- Risks, threats, and vulnerabilities of an IT infrastructure
- Qualitative and quantitative risk assessments
- Risk management strategies
- How value, situation, and liability affect risk assessments

Chapter 5

Access Control in the Enterprise

Topics
- Access control lists (ACLs)
- Access control models
- Single-factor and multifactor authentication
- Wireless IEEE 802.11 LANs
- Best practices for private and public sector authentication

Chapter 6

Mapping Buisness Challenges to Access Control Types

Topics
- Access controls in relation to business challenges
- Access control strategies to solve business challenges
- Access control system design principles

Chapter 7

Access Control System Implementation

Topics
- Guidelines and procedures based on standards and policies
- Identity management and access control
- Multilayer access controls
- Access controls for internal and remote employees, customers, and business partners
- Federated identities and third-party identity services

Chapter 8

Access Control of Information Systemsk

Topics
- Data at rest and data in motion
- File system access control lists
- User account type privilege management
- Authentication factors
- Supervisory control and data acquisition (SCADA) and industrial control systems (ICSs)
- Access control best practices

Chapter 9

Physical Security and Access Control

Topics
- Physical security
- Biometric access control systems that meet organizational requirements
- Technological access control solutions
- Authentication factors
- Best practices for physical access controls

Chapter 10

Access Control Solutions for Remote Workers

Topics
- Remote access solutions
- Remote access protocols with their respective applications
- Virtual private networks (VPNs)
- Secure web authentication examples
- Best practices for remote access controls

Chapter 12

Testing Access Control Systems

Topics
- System penetration testing and reporting
- System vulnerability assessment scanning and reporting
- Network and operating system (OS) discovery scan
- Scope for penetration test plan

Chapter 13

Access Control Assurance

Topics
- Components of information assurance
- Confidentiality, integrity, and availability (C-I-A) throughout an IT infrastructure
- Access control system monitoring and reporting
- Audit logs and audit trails
- Security information and event management (SIEM) interaction with access control systems

Chapter 14

Access Control Laws, Policies, and Standards

Topics
- Regulatory laws concerning unauthorized access
- Access control security policy best practices
- Organization-wide authorization and access policies
- Access control policies, standards, procedures, and guidelines

Chapter 15

Security Breaches and the Law

Topics
- U.S. federal and state compliance laws
- Costs associated with inadequate access controls
- How access controls can fail
- Security breaches and their implications

Week 1 - Wednesday

Access Control Fundamentals

Week 2 - Monday

Business Drivers

Week 2 - Wednesday

Linux Access Control

Week 3 - Monday

More Human than Human