The objective of this chapter is to provide the reader with an understanding of the following:

Domain 1.0: General Security Concepts – 30%

1.1. Recognize and be able to differentiate and explain the following access control models:

• MAC (Mandatory Access Control
  
  
• DAC (Discretionary Access Control
  
  
• RBAC (Role Based Access Control)

1.2 Recognize and be able to differentiate and explain the following methods of authentication:

• Kerberos; CHAP (Challenge Handshake Authentication Protocol)
  
  
• Certificates; Username / Password; Tokens; Multi-factor; Mutual; Biometrics

1.3 Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols.

1.4 Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk:

• DOS / DDOS (Denial of Service / Distributed Denial of Service)
  
  
• Back Door; Spoofing; Man in the Middle; Replay; TCP/IP Hijacking
  
  
• Weak Keys; Mathematical; Social Engineering; Birthday
  
  
• Password Guessing (Brute Force & Dictionary); Software Exploitation

1.5 Recognize the following types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk:

• Viruses; Trojan Horses; Logic Bombs; Worms

1.6 Understand the concept of and know how reduce the risks of social engineering.

1.7 Understand the concept and significance of auditing, logging and system scanning.

Quick navigation to subsections and regular topics in this section

• Getting Ready for Chapter 1 - Questions
• Getting Ready for Chapter 1 - Answers
• 1.0  General Security Concepts
• 1.1  Access Control
• 1.2  Authentication
• 1.3  Non-Essential Services and Protocols (Parts: 1 2 )
• Pop Quiz 1.1 (Parts: 1 2 )
• 1.4  Attacks
• 1.5  Malicious Code
• 1.6  Social Engineering
• Pop Quiz 1.2 (Parts: 1 2 )
• 1.7  Auditing
• 1.8  Summary
• 1.9  Success Questions
• 1.10  Success Answers