Access Control Guide
Importance: Access Control plays a crucial role in maintaining the confidentiality, integrity, and availability of information and systems by limiting access based on user's identities, roles or responsibilities.
What is it: Access Control is a security practice that regulates who or what can view or use resources. This includes physical locations and digital resources.
How it works: Access Control works through Identification, Authentication, Authorization and Accountability. Users first identify themselves, their identities are authenticated, and then they get granted access according to their authorization level. Their behaviours then can be tracked for accountability.
Exam Tips: Answering Questions on Access Control
During the exam, you should be able to identify and distinguish between various types of access controls (DACL, RBAC, ABAC etc). Be clear on the rules of Mandatory access control and discretionary access control. Understand the principle of least privilege and 'need to know' basis in access control. Remember examples of access control measures. Read and understand the question carefully before answering.