Access control - is the ability to permit or deny access to resources on a network or computer., Access control policy - defines the steps and measures that are taken to control access to objects., Access control system - includes policies, procedures, and technologies that are implemented to control access to objects., Authentication - is the process of validating identity. It includes the identification process, a user providing input to prove identity, and the system accepting that input as valid., Authorization - is granting or denying access to an object based on the level of permissions or the actions allowed with the object., Auditing - also referred to as accounting, is maintaining a record of the activity within the information system., Objects - are data, applications, systems, networks, and physical space., Subjects - are users, applications, or processes that need access to objects., Principle of least privilege - states that users or groups are given only the access they need to do their jobs and nothing more., Need to know - describes the restriction of data that is highly sensitive and is usually referenced in government and military context., Separation of duties - is the concept of having more than one person required to complete a task. This is a preventive principle primarily designed to reduce conflicts of interest. It also prevents insider attacks because no one person has end-to-end control and no one person is irreplaceable., Job rotation - is a technique where users are cross-trained in multiple job positions. Responsibilities are regularly rotated between personnel., Defense-in-depth - is an access control principle which implements multiple access control methods instead of relying on a single method. Multiple defenses make it harder to bypass security measures., Identification - is the act of claiming an identity, such as telling someone your name., Multi-Factor Authentication - is the process of using more than one way to verify identity. In the computer world, it is achieved by requiring two or more methods that only the user can provide., Mutual authentication - is when two communicating entities authenticate each other before exchanging data. It requires not only the server to authenticate the user, but the user to authenticate the server., Account creation - apply the appropriate access rights based on the job role as implemented in the access control system. Use the principle of least privilege and grant only the minimum privileges required to perform the duties of the position., Active accounts - apply the appropriate access rights based on the job role as implemented in the access control system. Use the principle of least privilege and grant only the minimum privileges required to perform the duties of the position., Creeping privileges - occur when a user's job position changes and the user is granted a new set of access privileges, but the user's current access privileges are not removed or modified, resulting in privilege escalation. As a result, the user accumulates privileges that are not necessary for the current work tasks., End-of-life procedures - should include not only deactivating or deleting unused accounts, but also destroying data that might remain on storage media. This will prevent sensitive data from being accessible to unauthorized users.,
0%
Access Control Models 6.1 Vocab
공유
만든이
Mrspendrak
Vocational / Technical
Computing
콘텐츠 편집
퍼가기
더보기
할당
순위표
더 보기
접기
이 순위표는 현재 비공개입니다.
공유
를 클릭하여 공개할 수 있습니다.
자료 소유자가 이 순위표를 비활성화했습니다.
옵션이 자료 소유자와 다르기 때문에 이 순위표가 비활성화됩니다.
옵션 되돌리기
애너그램
(은)는 개방형 템플릿입니다. 순위표에 올라가는 점수를 산출하지 않습니다.
로그인이 필요합니다
비주얼 스타일
글꼴
구독 필요
옵션
템플릿 전환하기
모두 표시
액티비티를 플레이할 때 더 많은 포맷이 나타납니다.
결과 열기
링크 복사
QR 코드
삭제
자동 저장된
게임을 복구할까요?