- Access controls are security features that are usually considered the first line of defense in asset
protection. They are used to dictate how subjects access objects, and their main goal is to protect the
objects from unauthorized access. Access control models are frameworks that use access controls to
enforce the rules and objectives of the model. In your essay response, compare the different Access
Control Models and give an example of one that you have used in a work situation or if that is not possible,
one that you’ve read about in a scholarly article. 2. Relying on a password to secure access to a system
does not provide enough security in today’s complex world. The Office of Personnel Management learned
this the hard way in 2015. Since OPM was hacked and it was learned that the attackers compromised their
system administrator accounts that were protected only with passwords, the Federal government has
required the use of multifactor authentication for privileged accounts. Describe the three factors that can
be used in authentication and give at least two examples for each. 3. There are two main methods of
access control administration that an organization can choose between to achieve the level of protection
that they need to secure their assets and information: centralized and decentralized. Describe the
RADIUS, TACACS, and DIAMETER forms of centralized access control administration. What are the
advantages and disadvantages of decentralized administration.