Pass your certification exam. Faster. Guaranteed.

Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.


Comprehensive practice exam engine!

  • Unlimited access to thousands of practice questions
  • Exam readiness score
  • Smart reinforcement


All features in the FREE plan, plus:

  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee
  • And much more

Access Control Techniques Transcription

Welcome to our access control techniques module. There are several techniques for controlling access to resources. One option is to use restricted user interfaces. We can use restricted menus, which will only provide functions that the administrator allows a user to see. Here, an administrator may have access to ten different functions in a menu, but a standard user may only be able to see three or four things.

We can use shells to only allow certain commands that the administrator allows to be run in a shell environment. With databases, we can use different views depending on who is accessing the system. In certain views, we may provide additional information, such as a customer's Social Security number, but we would not allow all users to have access to that view.

We can also physically constrain access to a system, such as on an ATM machine. There is only a keypad allowing the digits zero through nine. We are not allowing the users to enter data on a keyboard. We can also use encryption, which requires a decryption key in order to access sensitive information.

We can control user's access to information based on a content-dependent access control system, or a context-dependent access control system. A content-dependent access control system restricts access to information based on the sensitivity of the information itself. For example, if we have top secret data, we would not allow someone who only holds a secret security clearance to access that data.

We can also place context-dependent controls in place. Here, we're restricting the user based on the sequence of their events. For example, if a user attempts to access one piece of sensitive data, we may permit that. But if the user attempts to access three or four sensitive pieces of data in a row, we may block them from accessing additional content until they are able to attain approval for such activity.

We can see at the picture at the bottom of the slide an example of content-based access control. Here we can see that an HR user is permitted to access payroll data, but someone from the development team is not permitted to access payroll data, because that team should not have access to that information.

We can use a matrix to maintain control of our resources and determine who has the ability to interact with them. A capability table specifies the rights that a user has when interacting with a certain object, and an access control list is used to authorize a subject to access an object.

We have an example of an access control matrix at the bottom of the slide. This tells us who has the ability to access which resources. For example, Bob has full control of file one, but Alice is only permitted to read this file. For file two, Alice can read and write to the file, but Bob has no access whatsoever.

When we implement an access control matrix, we assign capabilities to users. The capabilities will identify a specific object and provide that user's ability to access the object or not access the object. Capabilities are bound to a specific user, and as we saw in the graphic on the previous slide, the capabilities appear in the rows on the matrix.

The columns on the matrix indicate the object that the user is attempting to access. We can use profiles in order to control what users have access to. Each user will have a list of objects that they are associated with, and the access that they are permitted to have with that object.

Each object's name has to be unique, and you must use full path names. Every time a user attempts to access an object, the profile will be checked to determine if they have access to that object or not. You do have overhead in this type of system, and as the number of objects increase, the complexity will increase as well.

This concludes our access control techniques module. Thank you for watching.

Included in all plans.

1000's of practice test questions

Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.

Exam Readiness Score

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Smart Reinforcement

Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.

THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!

PRO Membership Benefits.

Personalized Learning Plan

Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.

Exam Pass Guarantee

Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.

Eliminate Wasted Study Time

Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.

Coming Soon - Simulated Exam

More PRO benefits are being built all the time!