12 Cards in this Set
- Front
- Back
- 3rd side (hint)
CIA, also referred to as AIC |
Confidentiality, Integrity, Availability |
|
|
Opposite of CIA |
DAD: Disclosure, Alteration, and Destruction |
|
|
AAA |
Authentication, Authorization, & Accountability.
|
(Identification must be established before the 3 A's.) |
|
Users cannot deny (repudiate) having performed a transaction. |
Nonrepudiation |
Combines authentication and integrity. |
|
Granted the minimum amount of access (authorization) to perform a job |
Least Privilege |
Applied to groups of Objects |
|
Users must need to know that specific piece of information before accessing it. |
Need to Know |
More granular than Least Privilege |
|
An active entity on a data system |
SUBJECT |
People accessing data files |
|
Layered defense that applies multiple safeguards |
Defense-in-Depth |
Controls - measures taken to reduce risk |
|
Access Control Models |
DAC, MAC, Nondiscretionary Access |
Primary access control models |
|
Gives subjects full control of objects they have access to. |
DAC: Discretionary Access Control |
Standard Windows/Unix operating system |
|
MAC |
System-enforced access control based on the subject's clearance and the object's label. |
System that usually focuses on preserving confidentiality. |
|
Role-Based Access Control |
(RBAC) - Nondiscretionary access control based on role of the subject |
Subjects are grouped. |