ISC2 - Study Notes 6 Flashcards
Administrators create rules that determine access to resources. As an example, routers have rules within an ACL. These rules identify what traffic the router will pass based on IP addresses, ports, and protocols.
Rule-based Access Control
is a more sophisticated type of Rule-based Access Control. It evaluates subject and object attributes, and grants access based on the value of these attributes. Attributes can be almost any characteristic of a user, the environment, or the resource.
Attribute-based Access Control (ABAC)
Both the Clark-Wilson model and the Brewer-Nash model can be used to enforce the principle of separation of duties. The Brewer-Nash model also helps prevent a conflict of interest.
Info
is a list of objects along with the permissions granted for each object. You can think of an ??? as a group of ACLs. Each ACL represents a single object and lists all the permissions for that object.
Access Control Matrix
is a list of subjects, along with the capabilities granted to the subjects. These capabilities include rights and permissions. For example, a ??? can list several groups such as Project Managers, Project Team Leads, and Project Members. It then lists the rights and permissions granted to each of these groups.
Capability table
refers to granting accounts access to resources. Accounts need to be configured properly when they are first created, managed while in use, and disabled or deleted when they are no longer needed.
Identity and access management (IAM)
??? include both rights and permissions. Rights are actions that an account can take on a system, such as backing up files, changing the time, or rebooting the computer. Permissions identify what a user can do with resources, such as reading and writing to a file or printing to a printer.
Privileges
It’s important to verify a person’s identity before creating a user account. Within an organization, Human Resources (HR) departments typically have processes they use for identity verification. Many HR departments require documents such as a driver’s license.
Identity Proofing
refers to creating accounts for users and granting them access to appropriate resources.
Provisioning
??? protect against online brute-force attacks where the attacker attempts to guess the password. They are not effective against offline password attacks where the attacker has obtained a database of encrypted passwords and attempts to discover the actual passwords from the database.
??? This identifies how many incorrect passwords are allowed.
??? This identifies how long the account remains locked out.
Account lockout policies / Threshold / Duration