Access Control Flashcards

1
Q

Methods used to secure data and information by verifying a user has
permissions to read, write, delete, or otherwise modify it

A

Access Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  • The access control policy is determined by the owner
A

Discretionary Access Control (DAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

An access control policy where the computer system determines
the access control for an object

A

Mandatory Access Control (MAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Label-based access control that defines whether access should be
granted or denied to objects by comparing the object label and
the subject label

A

Rule Based Access Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Utilizes complex mathematics to create sets of objects and
subjects to define how they interact

A

Lattice Based Access Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

An access model that is controlled by the system (like MAC) but
utilizes a set of permissions instead of a single data label to define
the permission level

A

Role Based Access Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

§ The access control policy is determined by the owner

A

Best PRactices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

All access to a resource should be denied by default and only be allowed
when explicitly stated

A

Implicit Deny

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Users are only given the lowest level of access needed to perform their
job functions

A

Least Privilege

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

§ Requires more than one person to conduct a sensitive task or operation

A

Seperation of Duties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Occurs when users are cycled through various jobs to learn the overall
operations better, reduce their boredom, enhance their skill level, and
most importantly, increase our security

A

Job Rotation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

§ Permissions assigned to a given user

A

User Rights

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

§ Collection of users based on common attributes (generally work roles)

A

Groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Occurs when a user gets additional permission over time as they rotate
through different positions or roles

A

Privilege Creep

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Process where each user’s rights and permissions are revalidated to
ensure they are correct
* Hired
* Fired
* Promoted

A

User Access Recertification

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Occurs when permissions are passed to a subfolder from the parent
through inheritance

A

Propagation

17
Q

A security component in Windows that keeps every user in standard user
mode instead of acting like an administrative user

A

User Account Control (UAC)