#67 - Knock, Knock? Who’s There and Whatcha Want?

On this episode of CISO Tradecraft we are going to talk about various Access Control & Authentication technologies. Access Control Methodologies: Mandatory Access Control or (MAC) Discretionary Access Control or (DAC) Role Based Access Control or (RBAC) Privileged Access Management or (PAM) Rule Based Access Control Attribute Based Policy Control (ABAC) or Policy Based Access Control (PBAC) Authentication Types: Password-based authentication Certificate-based authentication Token-based authentication Biometric authentication Two-factor Authentication (2FA) Multi-Factor Authentication (MFA) Location-based authentication Computer recognition authentication Completely Automated Public Turing Test to Tell Computers & Humans Apart (CAPTCHA) Single Sign On (SSO) Risk Based authentication References https://riskbasedauthentication.org/ https://blog.identityautomation.com/what-is-risk-based-authentication-types-of-authentication-methods https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-countermeasures  https://www.n-able.com/blog/network-authentication-methods  https://www.getgenea.com/blog/types-of-access-control/  https://www.twingate.com/blog/access-control-models/  https://csrc.nist.gov/glossary/term/authentication  https://csrc.nist.gov/glossary/term/authorization  https://www.techtarget.com/searchsecurity/definition/access-control