Week 3 - Authorisation Flashcards

1
Q

What is the difference between authentication and authorization?

A
  • Authentication: Verifying the identity of a user.
  • Authorisation: Determining whether the authenticated user is permitted to perform a specific action.
2
Q

How is authorization managed in access control models?

A
  • Subject level: what actions the user can perform.
  • Object level: what actions are allowed on a specific resource.
3
Q

What is the principle of least privilege?

A

Users should only be given the minimum access necessary to perform their job, reducing the risk of unauthorized access.

4
Q

What are the two types of privilege escalation attacks?

A
  • Vertical privilege escalation: Gaining access to a higher level account (e.g., user to admin).
  • Horizontal privilege escalation: Gaining access to another user’s data or account at the same access level.
5
Q

What are common methods of executing privilege escalation attacks?

A
  • Password guessing attacks.
  • SQL injection attacks.