Access Controls

14 Terms

1

Mandatory Access Control

Strictest model. Labels and clearance levels can only be applied and changed by an administrator. Every resource has a sensitivity label matching a clearance level assigned to a user.

2

Discretionary Access Control

A security model that allows resource owners to determine who can access their resources, granting them the ability to assign permissions as they see fit.

3

Attribute Based Access Control

A security model that grants access based on user attributes, such as roles, policies, and environment conditions, allowing for more dynamic and fine-grained control. Uses statements close to natural language.

4

Rules Based Access Control

A security model that grants access to resources based on pre-defined rules and conditions, often incorporating attributes and policies to automate permission management.

5

Least Privilege

A security principle that suggests users should be granted the minimum level of access necessary to perform their job functions, thus reducing the risk of unauthorized access or damage.

6

Managerial Controls

Policies, procedures, and regulations designed to manage and reduce risks to an organization's information security (e.g., Disaster Recovery Plan and Business Continuity Plan).

7

Technical Controls

Security measures implemented through technology to protect information systems and data.

8

Operational Controls

Procedures and processes implemented to manage day-to-day operations and mitigate risks to information security.

9

Physical Controls

Measures that protect physical assets and facilities, such as locks, access controls, and security personnel.

10

Compensating Controls

Alternative security measures used when primary controls are not feasible, ensuring adequate protection of information systems.

11

Detective Controls

Measures designed to identify and respond to security incidents or breaches, such as logging and monitoring systems.

12

Corrective Controls

Measures that are implemented to rectify security incidents or breaches after they occur, restoring systems to normal operations and mitigating further damage.

13

Deterrent Controls

Measures that discourage security violations by instilling a perception of risk or consequence, such as warning signs and access restrictions.

14

Preventative Controls

Measures implemented to prevent security incidents or breaches from occurring, including firewalls, access controls, and security training.