Shared Flashcard Set

Details

Security + Chapter 9
Security + Chapter 9
14
Computer Science
Not Applicable
08/02/2012
Click here to study/print these flashcards.

Create your own flash cards! Sign up here.

Additional Computer Science Flashcards

 

 

Cards

Term
Access Control Model
 Definition
Methodologies in which admission to physical areas, and more important computer systems, is managed and organized.
Term
DAC
 Definition

Discretionary Access Control

 

An access control policy generally determined by the owner.
Term
TCSEC
 Definition

Trusted Computer System Evaluation Criteria

 

A DoD standard that sets basic requirements for assessing the effectiveness of computer security access policies. Also known as The Orange Book.
Term
MAC
 Definition

Mandatory Access Control

 

An access control policy determined by a computer system, not by a user or owner, as it is in DAC.
Term
RBAC
 Definition

Role Based Access Control

 

An access model that works with sets of permissions, instead of individual permissions that are label-based. So roles are created for various job functions in an organization.
Term
Implicit Deny
 Definition
Denies all traffic to a resource unless the users generating that traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is made to open the port associated with the type of traffic desired to be let through.
Term
Job Rotation
 Definition
When users are cycled through various assignments.
Term
SoD
 Definition

Separation of Duties

 

This is when more than one person is required to complete a particular task or operation.
Term
Least Privilege
 Definition
When a user is given only the amount of privileges needed to do his job.
Term
Account Expiration
 Definition
The date when users’ accounts they use to log on to the network expires.
Term
Permissions
 Definition
File system permissions control what resources a person can access on the network.
Term
Time-of-Day Restriction
 Definition
When a user’s logon hours are configured to restrict access to the network during certain times of the day and week.
Term
ACL
 Definition

Access Control List

 

A list of permissions attached to an object. They specify what level of access a user, users, or groups have to an object. When dealing with firewalls, an ACL is a set of rules that apply to a list of network names, IP addresses. and port numbers.
Term
Policy
 Definition
Rules or guidelines used to guide decisions and achieve outcomes. They can be written or configured on a computer.
Supporting users have an ad free experience!