Davonte Brown

Unit 3 decision
ITT Technical Institute
3825 West Cheyenne Avenue, Suite 600
North Las Veas, Neva!a 8"032
NT2580 Intro!uction to In#or$ation Security
Wee% 3, &nit 3 ' A((ro(riate Access Controls #or Syste$s, A((lications an! )ata Access
Assignment
Unit 3 Discussion 1: Access Control Models
Learnin *+,ectives an! *utco$es
You will learn about access control models for different scenarios.
Assin$ent -e.uire$ents
In this assignment, you have a handout on the access control models. Read the handout and discuss it with your
classmates to collect answers for the following questions
!elect an access control model that best "revents unauthori#ed access for each of the five scenarios given in the
wor$sheet.
%hich ty"es of logical access controls should be used in each scenario& 'ustify your recommendations.
Res"ond to at least two other students( views to engage in a meaningful debate regarding their choices or to defend your
choice.
-e.uire! -esources
%or$sheet )ccess *ontrol +odels
Su+$ission -e.uire$ents
,ormat +icrosoft %ord
,ont -imes .ew Roman, !i#e /0, Double1!"ace
*itation !tyle )2) 3 v0
4ength /50 "ages
Due By 2rior to de"arting class today
Sel#/Assess$ent Chec%list
I have correctly selected an access control model that best "revents an unauthori#ed access for each of the five
scenarios given in the wor$sheet.
I have selected the correct ty"es of logical access controls that should be used in each scenario.
I have included 6ustifications for my recommendations.
.-0789 Intro to Information !ecurity 2age / of 3 %ee$ 3, Unit 3
!teve -odd
Davonte Brown
Unit 3 decision
I have res"onded to at least two other students( views.
Access control is basically identifying a person doing a specific job, authenticating them by looking at their
identification, then giving that person only the key to the door or computer that they need access to and
nothing more. In the world of information security, one would look at this as granting an individual
permission to get onto a network via a user-name and password, allowing them access to files, computers, or
other hardware or software the person requires, and ensuring they have the right level of permission to do
their job. So, how does one grant the right level of permission to an individual so that they can perform their
duties !his is where access control models come into the picture.
Access control models have four flavors" #andatory Access $ontrol %#A$&, 'ole (ased Access $ontrol
%'(A$&, )iscretionary Access $ontrol %)A$&, and 'ule (ased Access $ontrol %'(A$ or '(-'(A$&.
*et+s look at each of these and what they entail.
*ogical access in I! is often defined as interactions with hardware through remote access. !his type of
access generally features identification, authentication and authori,ation protocols. !his is often contrasted
with the term -physical access,- which refers to interactions with hardware in the physical environment,
where equipment is stored and used. (usinesses, organi,ations and other entities use a wide spectrum of
logical access controls to protect hardware from unauthori,ed. 'emote access. !hese can include
sophisticated password programs, advanced biometric security features, or any other setups that effectively
identify and screen users at any administrative level.
!he particular logical access controls used in a given facility and hardware infrastructure partially depend
on the nature of the entity that owns and administrates the hardware setup.
.overnment logical access security is often different from business logical access security, where federal
agencies may have specific guidelines for controlling logical access. /sers may be required to hold security
clearances or go through other screening procedures that complement secure password or biometric
.-0789 Intro to Information !ecurity 2age 0 of 3 %ee$ 3, Unit 3
!teve -odd
Davonte Brown
Unit 3 decision
functions. !his is all part of protecting the data kept on a specific hardware setup. I choose this e0piation
because when it comes to physical access it can be an easy fi0 just by looking at the hardware of the
computer. I could just be unplugged are missing a part. 1ne you solve that problem you+ll be fine. !hat was
my essay hope you enjoyed.
http://resources.infosecinstitute.com/access-control-models-and-methods/
http://www.techopedia.com/definition/23926/logical-access
.-0789 Intro to Information !ecurity 2age 3 of 3 %ee$ 3, Unit 3
!teve -odd