Chapter 4 Flashcards

1
Q

The prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner

A

Access Control

2
Q

Verification that the credentials of a user or other system entity are valid

A

Authentication

3
Q

The granting of a right or permission to a system entity to access a system resource.

A

Authorization

4
Q

An independent review and examination of system records and activities in order to test for adequacy of system controls

A

Audit

5
Q

Access control policies are generally grouped into the following categories

A
  • Discretionary access control (DAC)
  • Mandatory access control (MAC)
  • Role-based access control (RBAC)
6
Q

Control access based on the identity of the requestor and on access rules (authorizations) stating what requestors are (or are not) allowed to do.

A

Discretionary access control (DAC)

7
Q

Control access based on comparing security labels with security clearances

A

Mandatory access control (MAC)

8
Q

controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles

A

Role-based access control (RBAC)

9
Q

dictates what types of access are permitted and by whom

A

access control policy

10
Q

Traditional method of implementing access control

A

DAC

11
Q

Access Control Requirements:

A
  • Reliable input
  • Support for fine and coarse specifications
  • Least privilege
  • Separation of duty
  • Open and closed policies
  • Policy combination and conflict resolution
  • Administrative Policies
  • Dual Control
12
Q

basic elements of access control

A
  • subject
  • object
  • access right
13
Q

It is an entity capable of accessing objects

A

subject

14
Q

classes of subjects

A
  • Owner
  • Group
  • World
15
Q

it is a resource to which access is controlled

A

object

16
Q

describes the way in which a subject may access an object.

A

access right

17
Q

Access rights:

A
  • Read
  • Write
  • Execute
  • Delete
  • Create
  • Search
18
Q

it specifies authorized objects and operations for a particular user.

A

Capability ticket

19
Q

it is a set of objects together with access rights to those objects

A

Protection domain

20
Q

dictates what types of access are permitted

A

Access control policy