Terms Flashcards
Memorandum of Understanding
Usually a preliminary or exploratory agreement to express an intent to work together.
Service License Agreement
A contractual agreement setting our the detailed terms under which an ongoing service is provided.
Identity and Access Management
The process of protecting how users and devices are represented in the organization, as well as how users and devices are granted access to resources based on this representation.
Provisioning
Creating an account and giving a user authorization to use a particular application or file
Deprovisioning
Removing authorization or disabling an account
Privilege Management
Policies that describe what accounts should be able to do on a system and the technical controls to enforce the policies
Access Control
The control of access to system resources after a user’s account credentials and identity have been authenticated and access to the system has been granted.
Discretionary Access Control
The owner of the file/folder has rights to assign permissions to the file/folder. Most permissive option.
Role-based access control
A set or organizational roles are assigned to which permissions are granted. Users are assigned a role to receive access.
Attribute-based access control
Access decisions are based on a combination of subject and object attributes as well as any context-sensitive or system-wide attributes.
Mandatory access control
Resources are assigned a clearance level and users have access to anything at their clearance level and below.
Permissions are assigned by system owner and users have no control over permissions,