New Training: Security Concepts
In this 10-video skill, CBT Nuggets trainer John Munjoma covers fundamental security concepts including common vulnerabilities and access control models. Watch this new Cisco training.
Watch the full course: Cisco Certified CyberOps Associate
This training includes:
54 minutes of training
You’ll learn these topics in this skill:
The CIA Triad
Comparing Security Deployments Part 1
Comparing Security Deployments Part 2
Describing Security Terms Part 1
Describing Security Terms Part 2
Comparing Security Concepts
The Principles of Defense In-Depth Strategy
Comparing Access Control Models
Common Vulnerability Scoring System
The 5 Tuple Isolation Approach and Data Visibility
How Do Access Control Models Work?
There are three different models for describing how to control access in your network. Understanding them can be easier when you imagine your network as a real, physical building.
The first access control model is Discretionary Access Control (DAC). Imagine your computer network like a building, Discretionary Access Control would be like assigning every employee an office, and then telling them to hand out keys to their offices and filing cabinets. It’s up to each employee to decide who gets to come and go into their office and who can go into which drawers.
The second model is Role-Based Access Control. It starts with grouping everyone according to what work they do — finance, sales, IT, etc. Then, every door gets locked and managers and supervisors of each group are responsible for handing keys out to their team members — according to what rooms they might need to get into.
The last access control model is Mandatory Access Control (MAC). In our example, you’d still have employees grouped according to their job, and then you’d assign each room a security level plus a categorization of what sort of work relates to it. Then, you’d give each employee a security level. Each time an employee visits a room, a check gets done to confirm they have the right security level and work in the right category.
These are oversimplifications, but can help illustrate the different levels of effort each access control model requires from a cybersecurity perspective.