SSCP Domain: Access Controls

This course is included in our On-demand training solution.


With the increasing growth of the Internet and networks in general being used for business, security is an important issue. A key aspect of business security is controlling which users have access to what resources, and which operations they can perform. The mechanism for controlling these aspects is Access Control. This courses examines how to determine appropriate access controls, architecture models, authentication techniques and access methods. It explains access control systems, their differences and implementations and how they protect services and data. This course also demonstrates attack methods used to bypass access control systems and describes account management procedures and key access control concepts. The course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC)2 for its Systems Security Certified Practitioner (SSCP) certification. The SSCP credential certifies student expertise in 7 different knowledge domains.

Target Audience

Experienced IT professionals with a basic knowledge of network and communications protocols and equipment seeking to pass the System Security Certified Practitioner (SSCP) exam, or otherwise gain knowledge in assessing, planning, implementing and managing IT security in an enterprise environment. A minimum of one year’s professional experience in one of the seven SSCP CBK Domains is required for certification.


Expected Duration

150 min.

Course Objectives

Course Overview

Access Controls

  • identify the most appropriate access controls for particular situations
  • recognize the considerations for access control subjects and access control objects
  • Access Control Architecture Models

  • select appropriate access control architecture models for particular situations
  • recognize access control architecture models
  • Access Control and Models

    Identification and Knowledge-based Authentication

  • describe knowledge and ownership based authentication methods
  • Identity Management Solutions

  • describe the components of an identity management solution
  • Characteristic and Multifactor Based Authentication

  • describe characteristics-based authentication methods
  • describe multifactor authentication methods
  • Authorization and Accountability

  • recognize the advantages of single sign-on systems (SSOs) for authentication
  • describe how Kerberos is used for authentication
  • Access Methods and Portable Device Security

  • select the most appropriate access control methodology to use in a particular situation
  • rank portable devices according to the amount of data they can remove from a network
  • Cloud Computing and Virtualization

  • describe security risks and mitigation techniques for virtual platforms
  • describe the phases of a cloud computing data cycle
  • Identification, Authentication and Access Methods