Access Control 4.6 Flashcards
1
Q
Access Control
A
- All security features used to prevent unauthorized access to a computer system or network.
2
Q
Authorization
A
- The process of ensuring only authorized rights are exercised
- Process of determining rights
- Policy definition
3
Q
Least Privilege
A
- Rights and permissions should be set to the bare minimum, only what’s needed to complete the objective
4
Q
Using Least Privilege to Limit Malicious Behavior
A
- Don’t allow the user to run with Admin privileges.
5
Q
Mandatory Access Control (MAC)
A
- The OS limits the operations on an object, based on security clearance levels.
6
Q
MAC Labels
A
- Every object, or file, gets a label.
- Labels can include “Confidential”, “Secret”, “Top Secret”
7
Q
MAC Labels Predefined Rules
A
- Labeling of objects uses predefined rules, which are decided by the administrator.
- Admin decides who gets access to what security level.
- Users cannot change these settings
8
Q
Discretionary Access Control (DAC)
A
- Most common type of access control
- The owner can decide which subjects can have access to the object and the specific access.
- Flexible access control, weak security
9
Q
Role-Based Access Control (RBAC)
A
- Based on the subject’s role within the organization
- The admin provides access based on the user’s role and grants specific rights and permissions
10
Q
Rule-Based Access Control
A
- Access is determined through system-enforced rules by the system admin, not the user.
- The system will check the ACLs for the object, and check if that object matches the set of rules.