3 : Logical Access Flashcards
logical access controls in information technology
logical access controls are tools and protocols used for
identification, authentication, authorization, and accountability in computer information systems
The two main types of access controls
physical and logical
Physical access control
Limits access to campuses, buildings, facilities, and physical IT assets
Logical access control
Limits connections to computer networks, system files and data.
The four main categories of access controls are
Mandatory Access Control
Discretionary access control
Role-based access control
Rule-based access control
Mandatory Access Control (MAC)
(MACs) are logical access control that cannot be controlled or modified by normal users or data owners.
Discretionary Access Control (DAC)
(DACs) are logical access control that may be activated or modified by the data owners at their discretion.
MAC compared to DAC ; in terms of data security, which is the best choice
MACs are better choice
Steps to follow when implementing logical access contros
1- Inventory of IS resources
2-Classification of IS resources
3-Grouping/labeling of IS resources
4-Creation of an access control list
What is the first step on data classification
Identify the owner of the data/application
Automated password management tool vs Manual password management tool
In any given scenario, an automated password management tool works as best preventive control and ensures compliance with password management policy
preventive controls as compared to detective and deterrent controls
In any given scenario, preference to be given to preventive controls as compared to detective or deterrent controls.
Automated controls as compared to manual controls
In any given scenario, preference to be given to automated controls as compared to manual controls
What is the prime objective of review of logical access control
to ensure access have been assigned as per organization’s authorization
