CHAPTER 3 SUMMARY

Question 1

User Provisoning

Answer 1

User Provisioning - The process of creating, maintaining and deactivating user identities on a system.

Question 2

Technical controls

Answer 2

Technical Controls - The security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained in the hardware, software or firmware components of the system.

Question 3

Subject

Answer 3

Subject - Generally an individual, process or device causing information to flow among objects or change to the system state.

Question 4

Segregation of Duties

Answer 4

Segregation of Duties - The practice of ensuring that an organizational process cannot be completed by a single person; forces collusion as a means to reduce insider threats. Also commonly known as Separation of Duties.

Question 5

Rule

Answer 5

Rule - An instruction developed to allow or deny access to a system by comparing the validated identity of the subject to an access control list.

Question 6

RABC

Answer 6

Role-based access control (RBAC) - An access control system that sets up user permissions based on roles.

Question 7

Ransomware

Answer 7

Ransomware - A type of malicious software that locks the computer screen or files, thus preventing or limiting a user from accessing their system and data until money is paid.

Question 8

Privileged Account

Answer 8

Privileged Account - An information system account with approved authorizations of a privileged user.

Question 9

Principle of least privilege

Answer 9

Principle of Least Privilege - The principle that users and programs should have only the minimum privileges necessary to complete their tasks

Question 10

Physical Acess Controls

Answer 10

Physical Access Controls - Controls implemented through a tangible mechanism. Examples include walls, fences, guards, locks, etc. In modern organizations, many physical control systems are linked to technical/logical systems, such as badge readers connected to door locks.

Question 11

Object

Answer 11

Object - Passive information system-related entity (e.g., devices, files, records, tables, processes, programs, domains) containing or receiving information. Access to an object (by a subject) implies access to the information it contains.

Question 12

MAC

Answer 12

Mandatory Access Control - Access control that requires the system itself to manage access controls in accordance with the organization’s security policies.

Question 13

LAC

Answer 13

Logical Access Control Systems - An automated system that controls an individual’s ability to access one or more computer system resources, such as a workstation, network, application or database. A logical access control system requires the validation of an individual’s identity through some mechanism, such as a PIN, card, biometric or other token.

Question 14

Logging

Answer 14

Logging - Collecting and storing user activities in a log, which is a record of the events occurring within an organization’s systems and networks.

Question 15

Log Anomaly

Answer 15

Log Anomaly - A system irregularity that is identified when studying log entries which could represent events of interest for further surveillance.

Question 16

Layered Defense

Answer 16

Layered Defense - The use of multiple controls arranged in series to provide several consecutive controls to protect an asset; also called defense in depth. 

Question 17

Insider Threat

Answer 17

Insider Threat - An entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.

Question 18

Firewalls

Answer 18

Firewalls - Devices that enforce administrative security policies by filtering incoming traffic based on a set of rules.

Question 19

Encrypt

Answer 19

Encrypt - To protect private information by putting it into a form that can only be read by people who have permission to do so.

Question 20

DAC

Answer 20

Discretionary Access Control (DAC) - A certain amount of access control is left to the discretion of the object’s owner, or anyone else who is authorized to control the object’s access. The owner can determine who should have access rights to an object and what those rights should be.

Question 21

Defense in depth

Answer 21

Defense in Depth - Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.

Question 22

cpted

Answer 22

Crime Prevention through Environmental Design (CPTED) - An architectural approach to the design of buildings and spaces which emphasizes passive features to reduce the likelihood of criminal activity.

Question 23

Audit

Answer 23

Audit - Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures