5/21/2018 NT2580 Week 3, Discussion 3-1(2)

1/3

Davonte BrownUnit 3 decision

ITT Technical Institute3825 West Cheyenne Avenue, Suite 600

North Las Veas, Neva!a 8"032

NT2580 Intro!uction to In#or$ation Security

Wee% 3, &nit 3 ' A((ro(riate Access Controls #or Syste$s, A((lications an! )ata Access

AssignmentUnit 3 Discussion 1: Access Control Models

Learnin *+ectives an! *utco$es

You will learn about access control models for different scenarios.

Assin$ent -e.uire$ents

In this assignment, you have a handout on the access control models. Read the handout and discuss it with your

classmates to collect answers for the following questions

!elect an access control model that best "revents unauthori#ed access for each of the five scenarios given in t

wor$sheet.

%hich ty"es of logical access controls should be used in each scenario& 'ustify your recommendations.

Res"ond to at least two other students( views to engage in a meaningful debate regarding their choices or to defend yo

choice.

-e.uire! -esources

%or$sheet )ccess *ontrol +odels

Su+$ission -e.uire$ents

ormat +icrosoft %ord

ont -imes ew Roman, !i#e /0, Double1!"ace

*itation !tyle )2) v0

4ength /50 "ages

Due By 2rior to de"arting class today

Sel#/Assess$ent Chec%list

I have correctly selected an access control model that best "revents an unauthori#ed access for each of the fiv

scenarios given in the wor$sheet.

I have selected the correct ty"es of logical access controls that should be used in each scenario.

I have included 6ustifications for my recommendations.

-0789 Intro to Information !ecurity 2age / of 3 %ee$ 3, Unit 3!teve -odd

5/21/2018 NT2580 Week 3, Discussion 3-1(2)

2/3

Davonte BrownUnit 3 decision

I have res"onded to at least two other students( views.

Access control is basically identifying a person doing a specific job, authenticating them by looking at th

identification, then giving that person only the key to the door or computer that they need access to and

nothing more. In the world of information security, one would look at this as granting an individual

permission to get onto a network via a user-name and password, allowing them access to files, computers

other hardware or software the person requires, and ensuring they have the right level of permission to do

their job. So, how does one grant the right level of permission to an individual so that they can perform th

duties !his is where access control models come into the picture.

Access control models have four flavors" #andatory Access $ontrol %#A$&, 'ole (ased Access $ontrol

%'(A$&, )iscretionary Access $ontrol %)A$&, and 'ule (ased Access $ontrol %'(A$ or '(-'(A$&.

*et+s look at each of these and what they entail.

*ogical access in I! is often defined as interactions with hardware through remote access. !his type of

access generally features identification, authentication and authoriation protocols. !his is often contraste

with the term physical access, which refers to interactions with hardware in the physical environment,

where equipment is stored and used. (usinesses, organiations and other entities use a wide spectrum of

logical access controls to protect hardware from unauthoried. 'emote access. !hese can include

sophisticated password programs, advanced biometric security features, or any other setups that effective

identify and screen users at any administrative level.

!he particular logical access controls used in a given facility and hardware infrastructure partially depend

on the nature of the entity that owns and administrates the hardware setup.

overnment logical access security is often different from business logical access security, where federa

agencies may have specific guidelines for controlling logical access. /sers may be required to hold secur

clearances or go through other screening procedures that complement secure password or biometric

-0789 Intro to Information !ecurity 2age 0 of 3 %ee$ 3, Unit 3!teve -odd

5/21/2018 NT2580 Week 3, Discussion 3-1(2)

3/3

Davonte BrownUnit 3 decision

functions. !his is all part of protecting the data kept on a specific hardware setup. I choose this e0piation

because when it comes to physical access it can be an easy fi0 just by looking at the hardware of the

computer. I could just be unplugged are missing a part. 1ne you solve that problem you+ll be fine. !hat w

my essay hope you enjoyed.

http://resources.infosecinstitute.com/access-control-models-and-methods/

http://www.techopedia.com/definition/23926/logical-access

-0789 Intro to Information !ecurity 2age 3 of 3 %ee$ 3, Unit 3!teve -odd

http://resources.infosecinstitute.com/access-control-models-and-methods/http://resources.infosecinstitute.com/access-control-models-and-methods/