Course Name – Access Control
The course provides an in-depth study of the three main security principles: availability, integrity and confidentiality. The course examines mechanisms used to control what resources an entity can access, and the extent of the entity’s capabilities to interact with the resource. The course also examines approaches to auditing how the entity interacts with the resource.
• Define the authorization and the access to an IT infrastructure based on an access control policy framework.
• Mitigate risk to an IT infrastructure’s confidentiality, integrity, and availability with sound access controls.
• Analyze how a data classification standard impacts an IT infrastructure’s access control requirements and implementation.
• Develop an access control policy framework consisting of best practices for policies, standards, procedures, and guidelines to mitigate unauthorized access.
• Assess the consequences of failed access controls and mitigate unauthorized access.
• Apply various access control methods to solve a range of business challenges.
• Define proper security controls for information systems within IT infrastructures.
• Explore ways to secure the facilities that house sensitive resources and use biometric technology to verify identity.
• Design appropriate authentication solutions throughout an IT infrastructure based on user types and data classification standards.
• Utilize policies, standards, guidelines, and procedures to implement and maintain access control.
• Implement a secure remote access solution.
• Implement PKI and encryption solutions to ensure the confidentiality of business communications.
• Mitigate risk from unauthorized access to IT systems through proper testing and reporting.