Chapter 3 Flashcards
What is the next step after a user is identified and authenticated?
Authorization
_______ defines what the user can access, modify, and delete.
Authorizarion
Policies or procedures used to control access to certain items
Access Controls
The lowest level of authorization allowed to a user to perform duties
Principles of Least Privilage
A user having more access than usual is an example of a violation of _________
Principles of Least Privilage
Giving access to resources
Allowing Access
Preventing a given party from accessing the resource(s) in question
Denying Access
Allowing partial access to resources
Limiting Access
A set of resources devoted to a program, process, or similar entity, outside of which the entity cannot operate.
Sandbox
Taking access that was once allowed away from the user.
Revoking Access
What is often referred to as “ackles”?
Access Control Lists (ACLs)
Lists containing information about what kind of access certain parties are allowed to have to a given system
Access Control Lists (ACLs)
Used to control access in the file systems on which our operating systems run and control the flow of traffic in the networks to which our systems are attached
Access Control Lists (ACLs)
Commonly discussed in the context of firewalls and routers
Access Control Lists (ACLs)
ACLs
Access Control Lists
Access Control Lists in most file systems have three types of permissions
Read
Write
Execute
Can a file or directory have multiple Access Control Lists attached to it?
Yes
In the case of Network ACLs, we typically see access controlled by the identifiers we use for network transactions, such as __________________, ______________, and ____________.
Internet Protocol addresses (IP Addresses)
Media Access Control addresses (MAC Addresses)
Ports
MAC Address
Media Access Control Address