Domain 5: Identity & Access Management Flashcards
What is ABAC?
Attribute-based access control (ABAC) uses attributes associated with subjects, objects, and the environment to make access control decisions. These attributes can include user roles, time of day, location, and other context-specific information.
Ethical Wall
An ethical wall is a screening mechanism that protects clients from a conflict of interest by preventing one or more attorneys from participating in any matters for which they have a conflict.
DAC
Discretionary Access Control (DAC) was originally defined by the Trusted Computer System Evaluation Criteria (TCSEC) as “a means of restricting access to objects based on the identity of subjects and/or groups to which they belong.”
Data Custodian
Data custodians are responsible for the safe custody, transport, and storage of the data and for the implementation of business rules. Simply put, data stewards are responsible for what is stored in a data field, while data custodians are responsible for the technical environment and database structure.
Whaling attack
A whaling attack is a method used by cybercriminals to masquerade as a senior player at an organization and directly target senior or other important individuals at an organization, with the aim of stealing money or sensitive information or gaining access to their computer systems for criminal purposes.
Logical Access Control System (LACS)
An automated system that controls an individual’s ability to access one or more computer system resources such as a workstation, network, application, or database.
Mandatory access control (MAC)
Mandatory access control is a method of limiting access to resources based on the sensitivity of the information that the resource contains and the authorization of the user to access information with that level of sensitivity.
Access Tokens
An access token is a compact digital artifact, typically in the form of a JSON Web Token (JWT), that grants permissions to a user (the resource owner) to access certain resources. These tokens act as an electronic key, ensuring that the user has the correct permissions to access the data they are requesting.
Privilege creep
Privilege creep is a cybersecurity term that describes the gradual accumulation of network access levels beyond what an individual needs to do their job. Users need specific privileges to perform tasks and job functions.
False Acceptance Rate (FAR)
The false acceptance rate (FAR) is the percentage of cases in which the ear biometric system mistakenly grants admission to unauthorized users (i.e., imposters).