Physical controls - work in the built environment to control access to sites. Examples include fences, doors, and locks.
Procedural controls - are applied and enforced by people. Examples include incident response processes, management oversight, and security awareness training programs.
Logical controls - are applied and enforced by digital or cyber systems and software. Examples include user authentication, antivirus software, and firewalls.
Authentication - means that everything using the system is identified by an account and that an account can only be operated by someone who can supply the correct credentials.
Authorization - means access to resources is allowed only to accounts with defined permissions. Each resource has an access control list specifying what users can do. Resources often have different access levels; for example, being able to read a file or being able to read and edit it.
Accounting - means logging when and by whom a resource was accessed.
Implicit deny - means that unless there is a rule specifying that access should be granted, any request for access is denied.
Least Privilege - means that a user should be granted the minimum possible rights necessary to perform the job.
User account - the principal means of controlling access to computer and network resources and assigning rights or privileges.
Local Account - user account that can be authenticated against and allocated permissions for the computer that hosts the account only; is stored in a database known as the Security Account Manager (SAM), which is part of the HKEY_LOCAL_MACHINE registry.
Local Users and Groups - used to create, disable, and delete accounts, change account properties, reset user passwords, create custom groups, and modify group membership.
Authentication Principals - Knowledge (something you know, such as a password); Possession (something you have, such as a smart card or smartphone); Inherence (something you are, such as a fingerprint).
Net user Commands - you can also manage accounts at the command line; you need to execute these commands in an administrative command prompt.
UAC - Windows feature designed to mitigate abuse of administrative accounts by requiring explicit consent to use privileges; uses the least privilege security control.
MFA - means that the user must submit at least two different types of credentials; uses soft tokens or an authenticator app/software.
Hard Token Authentication - USB storage key or smart card with a cryptographic module that can hold authenticating encryption keys securely.
Microsoft account - managed via an online portal (account.microsoft.com) and identified by an email address.
Kerberos - SSO system that uses a time-based configuration. The Windows network sign-in process uses this in conjunction with the LSA.
Remote Sign-in - if the user's device is not connected to the local network, authentication can take place over some type of virtual private network (VPN) or web portal.
Windows Hello - subsystem that allows the user to configure an alternative means of authenticating; used in conjunction with PINs, fingerprint, facial recognition, and security keys; uses TPM to secure two-factor authentication.
Windows Local Sign-on - the LSA compares the submitted credential to the one stored in the Security Accounts Manager (SAM) database, which is part of the registry.
Active Directory (AD) - service for Microsoft Windows domain networks that facilitates authentication and authorization of user and computer accounts.
Domain - group of hosts that is within the same namespace and administered by the same authority.
Member Server - any application server computer that has joined a domain but does not maintain a copy of the Active Directory database; provides file, print, and application server services.
Security Groups - access control feature that allows permissions to be allocated to multiple users more efficiently.
Organizational Unit (OU) - structural feature of a network directory that can be used to group objects that should share a common configuration or organizing principle, such as accounts within the same business department.
Domain Group Policy - configures computer settings and user profile settings. Some settings are exposed through standard objects and folders, such as Security Settings.
Group Policy Objects (GPOs) - on a Windows domain, a way to deploy per-user and per-computer settings such as password policy, account restrictions, firewall status, and so on.
gpupdate - command-line tools to apply and analyze group policies. Group policies are a means of configuring registry settings.
Login Scripts - code that performs a series of tasks automatically when a user account is authenticated.
Security Controls 1102
Created by Tkdelahaye