week 3 and 4
Week 3
LAB 5:
Access control, authentication, and public key infrastructure
Managing human resources risks
Roles Involved in User Access Control Management
Best Practices for Managing Human Risks
· Make security practices common knowledge.
· Promote a culture of open discussion.
· Encourage creative risk taking.
· Manage change over time.
Employee Training and Security Awareness
LAB 6:
Implementing infrastructure controls
Access Control for Information Systems
Layered Infrastructure Access Contro
Roles Involved in Layered Infrastructure Access Controls
· System owner
· Network administrator
· System administrator
· Application owner
· Data owner
· User
File System Control and Implementation
Domain
· Privileged and standard user accounts
· ACLs
· Infrastructure
Week 4
Human nature contribution to access controls
Access controls organizational model
Separation of duties and access control success
Responsibilities of access owners
Employee training contribution to access control
Best practices for handling human nature and organizational behavior
Access control protection for data, file systems, and executable