Chapter 14: Controlling and Monitoring Access Flashcards
In general, ____ refer to the access granted for an object and determine what you can do with it.
permissions
A ___ primarily refers to the ability to take an action on an object.
right
The ____ principle ensures that access to an object is denied unless access has been explicitly granted to a subject.
Implicit deny
Applications use _____ interfaces or restricted interfaces to restrict what users can do or see based on their privileges.
constrained
_____ access controls restrict access to data based on the content within an object.
Content-dependent
_____ access controls require specific activity before granting users access.
Context-dependent
A ____ policy is a document that defines the security requirements for an organization.
security
A key characteristic of the Discretionary Access Control (DAC) model is that every object has an owner and the owner can grant or deny access to any other subjects.
A key characteristic of the ____ model is the use of roles or groups. Instead of assigning permissions directly to users, user accounts are placed in roles and administrators assign privileges to the roles.
Role-Based Access Control (RBAC)
A key characteristic of the ____ control model is that it applies global rules to all subjects.
rule-based access
A key characteristic of the ____ model is its use of rules that can include multiple attributes.
Attribute-Based Access Control (ABAC)
A ____ control model grants access after evaluating risk.
risk-based access
A ______ model relies on the use of classification labels.
Mandatory Access Control (MAC)
A _______ environment relates various classification labels in an ordered structure from low security to medium security to high security, such as Confidential, Secret, and Top Secret, respectively.
hierarchical
In a ______ environment, there is no relationship between one security domain and another.
compartmentalized