Ch 6: Access Controls - Key Terms

29 Terms

1. Access control
The process of protecting a resource so that it is used only by those allowed to use it; a particular method used to restrict or allow access to resources.

2. Access control list (ACL)
An implementation technique to control access to a resource by maintaining a table of authorized user IDs; also used to permit or deny IP packets to/from router and switch interfaces to manage IP traffic flow.

3. Access control policy
An organizational policy definition that defines how authorized users gain access to resources based on their role and job functions and duties. This policy defines the rules for how employees and authorized contractors are granted access and how their access is removed.

4. Accountability
Definitions of the roles and responsibilities of key IT security employees and incident response team members and what they must do.

5. Authentication
The process of proving someone is the person or entity he or she claims to be.

6. Authentication, authorization, and accounting (AAA)
Core services provided by one or more central servers to help standardize access control for network resources.

7. Authorization
The process of deciding who is approved for access to specific resources.

8. Biometrics
A physiological or behavioral human-recognition system (e.g., fingerprint reader, retina scanner, or voice-recognition reader).

9. Chinese wall
A set of rules that makes sure no subject gets to objects on the other side of the "wall."

10. Cloud computing
The practice of using computing services that are hosted in a virtualized data center with remote access to the application and data (e.g., Software as a Service [SaaS] utilizes cloud computing).

11. Cloud service provider (CSP)
A type of company that maintains data centers with racks of server computers, each running multiple virtual machines, and is able to provide services to many clients simultaneously. Organizations of all types turn to this type of company to avoid having to maintain their own data centers.

12. Common Criteria for Information Technology Security Evaluation (Common Criteria)
ISO/IEC 15408 standard for computer security.

13. Constrained user interface
Software that allows users to enter only specific information and perform only specific actions.

14. Decentralized access control
A system that puts access control into the hands of people, such as department managers, who are closest to system users; there is no one entity to process access requests in this system.

15. DIAMETER
A popular centralized access control protocol that succeeded RADIUS and provides access control for stable and static workforces.

16. Discretionary access control (DAC)
A means of restricting access to objects based on the identity of subjects and/or groups to which they belong.

17. Identification
The process of providing credentials to claim to be a specific person or entity.

18. Logical access control
A mechanism that limits access to computer systems and network resources.

19. Mandatory access control (MAC)
A means of restricting access to an object based on the object's classification and the user's security clearance.

20. Multifactor authentication (MFA)
Using two or more types of authentication credentials to authenticate an identity.

21. Physical access control
A mechanism that regulates access to physical resources, such as buildings or rooms.

22. Privacy
The protection of individual rights to nondisclosure.

23. Remote Authentication Dial-In User Service (RADIUS)
Popular protocol, first introduced in the early 1990s, that supports remote user authentication for large numbers of users wishing to connect to central servers.

24. Role-based access control (RBAC)
An access control method that bases access control approvals on the jobs the user is assigned.

25. Security kernel
The central part of a computing environment's hardware, software, and firmware that enforces access control for computer systems.

26. Single sign-on (SSO)
A method of access control that allows a user to log on to a system and gain access to other resources within the network via the initial logon. SSO helps a user avoid having to log on multiple times and remember multiple passwords for various systems.

27. Smart card
A plastic card with authentication credentials embedded in either a microchip or magnetic strip on the card.

28. Terminal Access Controller Access System Plus (TACACS+)
A Cisco proprietary remote access client/server protocol that provides authentication, authorization, and accounting.

29. Token
A physical device that transmits a secret code to a user to authenticate the user. Can be a hardware-device token or a software-generated token.