Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
23 Cards in this Set
- Front
- Back
|
Authentication |
The process of verifying the identity of the user. |
|
|
Access Controls |
Help protect against threats and vulnerabilities by reducing exposure to unauthorized activities and providing access to information and systems to only those who have been approved. |
|
|
Least privilege |
Requires that users or process be granted access to only those resources necessary to perform assigned functions. |
|
|
7 main categories of access control |
Directive, deterrent, preventive, detective, corrective, compensating, and recovery. |
|
|
Three types of access control |
Administrative, physical, and technical |
|
|
Types of failures in biometric identification systems |
False rejection - failure to recognize a legitimate user. Fault acceptance - erroneous rejection, either by confusing one user with another or by accepting an imposter as a legitimate user. |
|
|
Three fundamental types of authentication |
Authentication by knowledge - something a person knows, authentication by possession - something a person has, and authentication by characteristic - something a person is. |
|
|
Potential vulnerability of a Kerberos authentication server |
A single point of failure and therefore should be supported by backup and continuity plans. |
|
|
Need to know |
Control access and the owner determines ______ in the mandatory access control system |
|
|
MAC |
Based on cooperative interaction between the system and the information on them. The systems decision control access and the owner provides the need-to-know control. |
|
|
Issues with considering biometric |
Resuspended counterfeiting user acceptance reliability and accuracy data storage requirements target user and the coach |
|
|
Fundamental disadvantage of biometrics |
Revoking credentials. When considering the role of biometrics, its close interaction with people, and the privacy and sensitivity of the information collected, the inability to revoke the physical attribute of the credential becomes a major concern. |
|
|
Role-based access control RBA |
Is based on user job functions. The model bases the access control authorizations on the rules or functions that the user is assigned within an organization. The determination of what roles have access to resources can be governed by the owner of the data, as with DACs, or applied based on policy, as with MACs. |
|
|
Identity management |
A set of technologies and processes intended to offer greater efficiency in the management of a diverse user and technical environment. |
|
|
A disadvantage of single sign on |
A compromise password exposes all authorized resources. |
|
|
least privilege |
Only rights required to perform a job should be provided to a user, group, or role |
|
|
Authorization process |
Is a record of all privileges allocated should be maintained. Privileges should not be granted until the authorization process is complete and validated. |
|
|
Associated with each system service or application |
Privileges and the defined roles within the organization to which they are needed to be identified and clearly documented |
|
|
Phases of the access provisioning lifecycle |
Provisioning review and revocation |
|
|
Most significant concern with user entitlements |
Business and organizational processes and access aggregation |
|
|
Guard dog |
Operational components of physical security |
|
|
Primary purpose for using the one-way encryption of a user password within a system |
It prevents an unauthorized person from reading or modifying the password list. |
|
|
Typical biometric characteristics that are used to the uniquely authenticate an individual's identity |
Retina scans Iris scans Palms scans |
