WEBVTT

00:00:01.220 --> 00:00:08.109
Welcome to Domain three, Access Control Concepts for Certified in Cybersecurity.

00:00:08.230 --> 00:00:13.010
I've often said that this is the most important part of any security program.

00:00:13.390 --> 00:00:18.170
Access control is not just about keeping unauthorized people out,

00:00:18.560 --> 00:00:23.850
but it is about ensuring that people can do their jobs enabling access,

00:00:24.240 --> 00:00:28.460
allowing authorized personnel to perform authorized functions.

00:00:28.900 --> 00:00:33.150
Access controls is the heart of the security program,

00:00:33.210 --> 00:00:36.960
whether it is access to buildings, networks,

00:00:37.050 --> 00:00:38.830
systems, or data.

00:00:40.280 --> 00:00:45.020
We will examine identity and access management where we

00:00:45.020 --> 00:00:48.840
identify the entities that are requesting access,

00:00:48.850 --> 00:00:50.910
whether a personal or process,

00:00:51.320 --> 00:00:56.400
we authenticate the entity and grant them the appropriate level of access,

00:00:56.540 --> 00:00:58.970
a process we call authorization.

00:00:59.520 --> 00:01:03.870
We log all activity so we have a record of who did what

00:01:03.880 --> 00:01:06.480
and to support compliance requirements.

00:01:07.290 --> 00:01:11.400
This course will examine some access control principles and

00:01:11.400 --> 00:01:14.770
both physical and logical access controls.

00:01:15.020 --> 00:01:16.130
This should be fun.

00:01:16.270 --> 00:01:21.580
And we will examine very practical information that we will use every day.

00:01:21.950 --> 00:01:22.970
Let's get started.