IT Security/Access Control/Authentication and Authorization

This lesson covers authentication and authorization.

Objectives and Skills
Objectives and skills for the authentication and authorization of Security+ certification include:
 * Given a scenario, select the appropriate authentication, authorization or access control.
 * Identification vs. authentication vs. authorization
 * Authorization
 * Least privilege
 * Separation of duties
 * ACLs
 * Mandatory access
 * Discretionary access
 * Rule-based access control
 * Role-based access control
 * Time of day restrictions
 * Authentication
 * Tokens
 * Common access card
 * Smart card
 * Multifactor authentication
 * TOTP
 * HOTP
 * CHAP
 * PAP
 * Single sign-on
 * Access control
 * Implicit deny
 * Trusted OS
 * Authentication factors
 * Something you are
 * Something you have
 * Something you know
 * Somewhere you are
 * Something you do
 * Identification
 * Biometrics
 * Personal identification verification card
 * Username
 * Federation
 * Transitive trust/authentication

Multimedia

 * 1) YouTube: Identification, Authentication, and Authorization - CompTIA Security+ SY0-401: 5.2
 * 2) YouTube: Authorization and Access Control - CompTIA Security+ SY0-401: 5.2
 * 3) YouTube: Single-factor Authentication - CompTIA Security+ SY0-401: 5.2
 * 4) YouTube: Multi-factor Authentication - CompTIA Security+ SY0-401: 5.2
 * 5) YouTube: One-time Password Algorithms - CompTIA Security+ SY0-401: 5.2
 * 6) YouTube: CHAP and PAP - CompTIA Security+ SY0-401: 5.2
 * 7) YouTube: Single Sign-on - CompTIA Security+ SY0-401: 5.2
 * 8) YouTube: Federation and Transitive Trust - CompTIA Security+ SY0-401: 5.2