Access Control Flashcards
(30 cards)
Access Control Lists (ACLs)
Provide an easy method for specifying which users, or subjects, are allowed to access which objects (i.e. files).
Application-Based IDS (AIDS)
Analyze what is going on in an application using the application's transaction log files.
Compartmentalized information
This is information that requires a special authorization beyond the normal classification system.
Compensating controls
These controls reinforce or replace normal controls that are unavailable for any reason.
Corrective Controls
These controls remedy the circumstances that enable the unwanted activity, and/or return conditions to where they were prior to the unwanted activity.
Crossover Error Rate (CER)
As the sensitivity of the biometric system is adjusted, FAR & FRR values change inversely.
Detective controls
These controls identify, log, and alert management to unwanted actions or events, as or after they occur.
Deterrent controls
These controls prescribe some sort of punishment, ranging from embarrassment to job termination or jail time for noncompliance. Their intent is to dissuade people from performing unwanted acts.
Directive controls
Those controls dictated by organizational and legal authorities.
Discretionary Access Control (DAC)
A means of restricting access to objects based on the identity of subjects and/or groups to which they belong.
False Rejection Rate (FRR), Type I Error
Authentication fails when it should not. This happens when an authorized person is denied access.
False Acceptance Rate (FAR), Type II Error
Authentication is successful when it should not be. This happens when an unauthorized person is granted access. This may happen because the biometric system cannot distinguish between the biometric signatures of different people. This is the far more serious of the two error conditions.
Host-Based IDS (HIDS)
Analyze information from a single computer; consequently they offer greater precision and reliability and can show the results of an attack.
Intrusion Detection Systems (IDS)
Real-time monitoring of events as they happen in a computer system or network, using audit trail records and network traffic and analyzing events to detect potential intrusion attempts.
Intrusion Prevention Systems (IPS)
Any hardware or software mechanism that has the ability to detect and stop attacks.
Kerberos Process
An SSO open-standards protocol for authentication in a single security domain.
Key Distribution Center (KDC)
Works as both an Authentication Server (AS) and a Ticket Granting Server (TGS).
Least privilege
The principle that people or processes should only be allowed access to the resources they absolutely need to accomplish their assigned work, and only for as long as necessary to complete that work.
Mandatory Access Control (MAC)
Means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e. clearance) of subjects to access information of such sensitivity.
Need-to-know
This principle restricts users from accessing information or systems not required to perform their jobs.
Network-Based IDS (NIDS)
Can detect potential attacks by analyzing captured network packets.
Preventive controls
These controls block unwanted actions.
Recovery controls
These controls restore lost computing resources or capabilities and help the organization to return to normal operations and recover monetary losses caused by a security violation or incident.
Rule-Based Access Control
Access is based on a list of rules created or authorized by system owners that specify the privileges granted to users.