- User cannot deny having performed a transaction - Combines authentication and integrity - Digital signatures

- More granular than least privilege - User must NEED TO KNOW that specific piece of information

An active entity on a system - People accessing files - Computer programs that update information

Any PASSIVE data within a system - Documents (physical) or electronic records - Database tables - Text files

Domain 1 - Security and Risk Management Flashcards by James Hatton

DAD (CIA Triad Alternate)

Disclosure, Alteration, Distruction

How well did you know this?

Not at all

Perfectly

DAD - Disclosure

CONFIDENTIALITY. Unauthorized release of information

How well did you know this?

Not at all

Perfectly

DAD - Alteration

INTEGRITY. Unauthorized modification of information

How well did you know this?

Not at all

Perfectly

DAD - Destruction

AVAILABILITY. Making systems or data unavailable

How well did you know this?

Not at all

Perfectly

Non-Repudiation

User cannot deny having performed a transaction
Combines authentication and integrity
Digital signatures

How well did you know this?

Not at all

Perfectly

Least Privilege

Users should be granted the minimum amount of access (authorization) required to do their jobs, and no more

How well did you know this?

Not at all

Perfectly

Need to Know

More granular than least privilege

- User must NEED TO KNOW that specific piece of information

How well did you know this?

Not at all

Perfectly

Subject

An active entity on a system

People accessing files
Computer programs that update information

How well did you know this?

Not at all

Perfectly

Object

Any PASSIVE data within a system

Documents (physical) or electronic records
Database tables
Text files

How well did you know this?

Not at all

Perfectly

Brainscape's Knowledge GenomeTM

Domain 1 - Security and Risk Management Flashcards

Brainscape's Knowledge Genome^TM