Shared Flashcard Set

Details

Security + Chapter 9
Security + Chapter 9
14
Computer Science
Not Applicable
08/02/2012

Additional Computer Science Flashcards

 


 

Cards

Term
Access Control Model
Definition
Methodologies in which admission to physical areas, and more important computer systems, is managed and organized.
Term
DAC
Definition

Discretionary Access Control

 

An access control policy generally determined by the owner.

Term
TCSEC
Definition

Trusted Computer System Evaluation Criteria

 

A DoD standard that sets basic requirements for assessing the effectiveness of computer security access policies. Also known as The Orange Book.

Term
MAC
Definition

Mandatory Access Control

 

An access control policy determined by a computer system, not by a user or owner, as it is in DAC.

Term
RBAC
Definition

Role Based Access Control

 

An access model that works with sets of permissions, instead of individual permissions that are label-based. So roles are created for various job functions in an organization.

Term
Implicit Deny
Definition
Denies all traffic to a resource unless the users generating that traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is made to open the port associated with the type of traffic desired to be let through.
Term
Job Rotation
Definition
When users are cycled through various assignments.
Term
SoD
Definition

Separation of Duties

 

This is when more than one person is required to complete a particular task or operation.

Term
Least Privilege
Definition
When a user is given only the amount of privileges needed to do his job.
Term
Account Expiration
Definition
The date when users’ accounts they use to log on to the network expires.
Term
Permissions
Definition
File system permissions control what resources a person can access on the network.
Term
Time-of-Day Restriction
Definition
When a user’s logon hours are configured to restrict access to the network during certain times of the day and week.
Term
ACL
Definition

Access Control List

 

A list of permissions attached to an object. They specify what level of access a user, users, or groups have to an object. When dealing with firewalls, an ACL is a set of rules that apply to a list of network names, IP addresses. and port numbers.

Term
Policy
Definition
Rules or guidelines used to guide decisions and achieve outcomes. They can be written or configured on a computer.
Supporting users have an ad free experience!