Last night I finished reading chapter 2 of Darril Gibson’s book and went to bed thinking about TMO, PDC, RBAC, DAC, and MAC. What is all this you ask? While Chapter 1 was all about authentication, Chapter 2 was all about physical and logical access controls. TMO is a self-created acronym that refers to Technical Controls, Management Controls, and Operational Controls. (Creating my own acronyms is one method I used to help process and store material in my brain.) These controls can either be Preventative, Detective, or Corrective (PDC) or before, during, and after an event as I like to think about them. Access controls can be Role-Based (RBAC) – using Groups, Discretionary (DAC) – Object/File level permissions with owners, or Mandatory (MAC) – using labels. (These 3 are not acronyms of my own) So far, it looks like the Security+ material is going to cover a lot of areas that require some bit of memorization. In addition to creating acronyms and using other tricks, I find that reading before bed and then reflecting on the material as I lay in bed before going to sleep helps with retention. This morning, I did the 24 end of chapter review questions and only missed one of them. It is currently around midnight and quiet in the house so I’m going to get chapter 3 read tonight before turning in for bed.