5.0 Inside the Empire Authentication Authorization and Access Controls PowerPoint

21 Terms

1

Authentication

The process of verifying the identity of a user or device.

2

Authorization

The right or permission granted to a system entity to access a system resource.

3

Access Controls

Security measures that regulate who can view, use, or modify resources within an information system.

4

Principle of Least Privilege (PoLP)

Mandates that users and programs should have only the minimum level of access necessary to complete their tasks.

5

Single-Factor Authentication (SFA)

Use of just one of the three available factors to carry out the authentication process.

6

Two-Factor Authentication (2FA)

A security process that requires two distinct forms of identification to verify a user's identity.

7

Multi-Factor Authentication (MFA)

Using two or more distinct instances of the three factors of authentication for identity verification.

8

User Provisioning

The process of creating, maintaining, and deactivating user identities on a system.

9

Access Control Lists (ACLs)

Specify individual user or system process permissions to access specific system objects.

10

Logical Access Control Systems (LACS)

Automated systems that control an individual’s ability to access computer system resources.

11

Biometric Authentication

Utilizing unique physical characteristics to secure highly sensitive data.

12

Attribute-based Access Control (ABAC)

Policies that consider various attributes such as user role, time of access, location, and resource type.

13

Discretionary Access Control (DAC)

Access control left to the discretion of the object’s owner.

14

Mandatory Access Control (MAC)

Requires the system to manage access controls based on security policies.

15

Role-based Access Control (RBAC)

Assigns permissions to users based on their roles within an organization.

16

Just-In-Time Access (JIT)

Provides temporary elevated access only for the duration necessary to complete specific tasks.

17

Access Logging and Monitoring

Keeping detailed and secure logs of access events to identify unauthorized activity.

18

Regular Access Reviews

Periodically reviewing and adjusting access permissions to align with current roles.

19

Security Controls

Measures implemented to protect physical assets, organizational policies, and technical systems.

20

Physical Controls

Tangible measures to protect physical assets, infrastructure, hardware, and facilities.

21

Administrative Controls

Policies, procedures, and guidelines designed to manage an organization's overall security posture.