Term
Principles of access control? |
|
Definition
Identity, authority, accountability |
|
|
Term
|
Definition
(Something you know, something you are, something you have), i.e. password, passcard, physical attribute |
|
|
Term
Conditions necessary for automating real world access control process. |
|
Definition
Reference Monitor; Realtime/Dynamic allocation of access |
|
|
Term
|
Definition
Accurate Date/Up to date; Monitoring/Enforcement; Links users to the Apps/DB/Servers they need access to; Processes for creation and termination |
|
|
Term
|
Definition
NIDS = Network-based intrusion detection system; HIDS = Host-based IDS |
|
|
Term
|
Definition
Defined as: Eval by Hacking; 3 Types: Zero, Partial, Full Knowledge; Discovery, Enumeration, Vulnerability, User/Privilege Access |
|
|
Term
Term associated w/IA policies? |
|
Definition
Prevention, Detection, Containment, Deterrence, Recovery (PDC-DR) |
|
|
Term
Information Assurance Process? |
|
Definition
CIA: Confidentiality, Integrity, Availability |
|
|
Term
SANS Primer Trust Models? |
|
Definition
Trust everyone, all the time; Trust no one, all the time; Trust some of the people, sometimes |
|
|
Term
Identify several policies a company might need? |
|
Definition
Encryption, User, Audit, Risk Assessment, Information Sensitivity, Password, Laptop, DMZ, Extranet, Anti-Virus, Router/Switch, Wireless, VPN, Remote Access |
|
|
Term
5 elements that define a functional info sec system? |
|
Definition
Designing, Building, Maintaining, Reviewing, Measuring Performance (Dons Bank Mixes Receipt Matching) |
|
|
Term
General Requirements for the Information Assurance Process |
|
Definition
Confidentiality, Integrity, Availability, Authentication, Non-repudiation |
|
|