Access Controls, Firewalls, and VPNs (INC)

0.0(0)
studied byStudied by 2 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/19

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

20 Terms

1
New cards

Access Control

Method by which systems determines whether and how to admit a user into a trusted area of the organization

2
New cards

Mandatory Access Controls (MACS)

Use data classification schemes

3
New cards

Discretionary Access Controls (DACs)

Allow users to control and possible provide access to information/resources at their disposal

4
New cards

Identification

Mechanism whereby unverified entities seeking access to a resource (supplicants) provide a label by which they are know to the system

5
New cards

Authentication

The process of validating a supplicant’s purported identity

6
New cards

Password

A private word or combination of characters that only the user should know

7
New cards

Passphrase

A series of characters, typically longer than a password, from which a virtual password is derived

8
New cards

Dumb Card

ID or ATM card with magnetic stripe

9
New cards

Smart Card

Contains a computer chip that can verify and validate information

10
New cards

Authorization

The matching of an authenticated entity to a list of information assets and corresponding access levels

11
New cards

Accountability (auditability)

Ensures that all actions on a system-authorized or unauthorized- can be attributed to an authenticated identity

12
New cards

Access Control Architecture Models

Illustrate access control implementations and can help organizations quickly make improvements through adaptation

13
New cards

ITSEC

An international set of criteria for evaluating computer systems

14
New cards

Bell-LaPadula Confidentiality Model

Model of an automated system able to manipulate its state or status over time

15
New cards

Biba Integrity Model

Based on “no write up, no read down” principle

16
New cards

Graham-Denning Access Control Model

Composed of set of objects, set of subjects, and set of rights

17
New cards

Harrison-Ruzzo-Ullman Model

Defines method to allow changes to access rights and addition/removal of subjects/objects

18
New cards

Brewer-Nash Model

Designed to prevent conflict of interest between two parties

19
New cards

Firewalls

Prevent specific types of information from moving between an untrusted network (the Internet) and a trusted network (organization’s internal network)

20
New cards

SOCKS

The protocol for handling TCP traffic via a proxy server