Access Control 4.6 Flashcards

1
Q

Access Control

A
  • All security features used to prevent unauthorized access to a computer system or network.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Authorization

A
  • The process of ensuring only authorized right are exercised
  • Process of determining rights
  • Policy definition
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Least Privilege

A
  • Rights and permission should be set to the bare minimum, only what’s needed to complete the objective
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Using Least Privilege to Limit Malicious Behavior

A
  • Don’t allow the user with Admin privileges.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Mandatory Access Control (MAC)

A
  • OS limits the operation on an object, based on security clearance levels.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

MAC Labels

A
  • Every object, or file, gets label.
  • Labels can include “Confidential”, “Secret”, “Top Secret”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

MAC Labels Predefined Rules

A
  • Labeling of objects uses predefined rules which is decided by the administrator.
  • Admin decides who gets access to what security level.
  • Users cannot change these settings
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Discretionary Access Control (DAC)

A
  • Most common type of access control
  • the owner can decide which subjects can have access to the object and the specific access.
  • Flexible access control, weak security
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Role-Based Access Control (RBAC)

A
  • Based on the subject’s role within the organization
  • The admin provides access based on the user’s role and grants specific rights and permissions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Rule-Based Access Control

A
  • Access is determined through system-enforced rules by the system admin, not the user.
  • The system will check the ACLs for the object, and check if that object matches the set of rules.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly