Developing Cybersecurity Programs and Policies

A set of flashcards covering key concepts related to access control management in cybersecurity.

Last updated 11:10 PM on 4/23/26

17 Terms

1

Access Control

Security features that govern how users and processes interact with systems and resources, intended to protect against unauthorized access.

2

Security Posture

The organization’s approach to access control, categorized as either Secure (default deny) or Open (default allow).

3

Default Allow

A model where, by default, no security is enforced, allowing open access to all users.

4

Default Deny

A model where access is unavailable by default until the necessary access control is altered to allow it.

5

Principle of Least Privilege

Granting users the minimum permissions necessary to perform their tasks, helping protect data and users.

6

Need-to-Know

A principle requiring users to have a demonstrated and authorized reason to access specific information.

7

Authentication

The process of verifying the identity of a person or device, usually through credentials.

8

Single-Factor Authentication

An authentication method that requires one factor for verification.

9

Multifactor Authentication

An authentication method that requires two or more factors for verification.

10

Authorization

The process of assigning authenticated subjects permission to carry out specific operations.

11

Access Control List (ACL)

A list used to determine access rights based on defined criteria.

12

Discretionary Access Control (DAC)

Access control where data owners determine who can access particular resources.

13

Role-based Access Control (RBAC)

Access control based on the roles individuals have within an organization.

14

Network Segmentation

The process of logically grouping network assets to enhance security.

15

Virtual Private Network (VPN)

A secure tunnel for transmitting data over an insecure network like the Internet.

16

Monitoring

The process of auditing and tracking what users do once they access a specific resource.

17

Acceptable Use Agreement

A policy that informs users that their activities may be monitored while using company resources.