ISC2 CC Domain 3: Access Control Concepts

Last updated 5:59 PM on 7/2/26
27 Terms

1

principle of least privilege (PoLP)

users granted only minimum access necessary to perform their tasks

2

purpose of PoLP

limit the potential damage from malicious actions

3

how to implement PoLP

  • role-based permissions

  • regularly review access rights

  • enforce strict access controls

4

benefits of PoLP

  • reduces the security risk from compromised accounts

  • simplifies auditing and compliance

  • improves overall system stability

5

segregation of duties (SoD)

divide critical tasks among multiple users to prevent fraud, errors and unauthorized actions

6

purpose of SoD

  1. reduce internal threats

  2. ensure no one person has complete control over sensitive operations

7

SoD involves the division of responsibilities into the following 3 processes:

  1. request

  2. approval

  3. execution

8

example of SoD in financial transactions

  1. purchasing

  2. payment processing

  3. record keeping

9

logical access controls

  1. DAC (discretionary access control)

  2. MAC (mandatory access control)

  3. RBAC (role-based access control)

10

DAC Discretionary Access Controls

flexible access model where the resource owner determines WHO can access it and WHAT they can do

11

advantage of DAC

flexible and user-friendly

12

disadvantage of DAC

owner may grant excessive access → risk of misuse → less secure

13

MAC Mandatory Access Control

strict access control where permissions are enforced by a central authority based on security classifications

14

disadvantage of MAC

  • inflexible (users cannot change access permissions)

  • complex to manage

15

example of MAC

documents being labeled as confidential, secret or top secret

16

RBAC Role-Based Access Control

access permissions based on the user's role in the organization

17

advantages of RBAC

  • simplifies management

  • improves scalability

  • ensures consistent access rights

18

disadvantages of RBAC

roles must be defined carefully so as not to grant excessive permissions

19

physical security

protection of physical assets like hardware and data centers

20

key components of physical security

  1. access controls — e.g. biometric authentication

  2. perimeter security — fences, cameras, bollards

  3. environmental controls — fire suppression, power backup

21

purposes of access badges

  1. identification and authentication

  2. access restriction

  3. tracking and auditing

  4. multifactor integration

  5. deterrence

  6. lost/stolen badge management

22

types of sensors

  1. infrared

  2. pressure

  3. microwave

  4. ultrasonic

23

infrared sensor

cameras detect heat

24

pressure sensor

floors and mats

25

microwave sensors

detect movement

26

ultrasonic sensors

parking assistance, intrusion detection, robotic navigation

27

physical security monitoring systems

  1. video surveillance — detective, deterrent

  2. security guards — detective, deterrent, preventative

  3. lighting — deterrence, detection