TICSA Certification: Information Security Basics
- Objectives
- Introduction
- AAA Overview: Access Control, Authentication, and Accounting
- Security Administration—The Importance of a Security Policy
- Keeping Up with and Enforcing Security Policies
- Risk Assessment
- Why Data Classification Is Important
- The Importance of Change Management
- Performing Vulnerability Assessments
- Chapter Summary
- Apply Your Knowledge
Objectives
This chapter covers the following TruSecure-specified objectives for the TICSA exam:
Identify, specify, or describe good access control and authentication processes and techniques.
-
Access control and authentication combine with accounting to form the triple-A ("AAA") basis for computer security. A solid understanding of these principles is essential knowledge for any security practitioner.
Identify or explain examples of risk management fundamentals and the basic tenets of security.
-
Risk management allows security professionals to determine what threats are likely to impact a system/network and allocate security resources accordingly.
Describe, recognize, or select good administrative maintenance and change-control issues and tools.
-
No security policy is immutablechange is inevitable. Good policies provide a structured maintenance and change control process to ensure future modifications occur in an orderly manner.