Access
Privilege
Audit
Token
Authenticate
Public Key
100

This describes technical controls that govern how Users or other systems interact with a computing resource

Access Control System  p462

100

These are the four (4) processes in Account Control System

Identification, Authentication, Authorization & Accounting  p462

100

This Accounting Principle states a User cannot DENY having performed an action

Non Repudiation  p463

100

A password is this type of Authentication Factor

Something You Know  p465

100

These 2 hardware tokens contain a chip holding digital certificates

Smart Card or USB Fob  p466

100

This is the solution to the problem of Authenticating subjects on public networks

Public Key Infrastructure (PKI)  p471

200

This describes a list of Subjects and the Permissions granted on an Object

Access Control List (ACL)  p462

200

This Firewall Rule states, "unless there is a Rule granting Access, the Request is DENIED"

Implicit DENY (Usually LAST Statement in ACL)  p462

200

Accounting is the process of establishing these and storing those events

AUDIT Logs  p463

200

A smartcard is this type of Authentication Factor

Something You Have  p465

200

This hardware token generates a time sensitive code that expires in 60 seconds or less

RSA Token  p466

200

Public Key Cryptography relies on these 2 types of Keys  

Public & Private Keys  p471

300

This implies creating an account that identifies a User or Process

Identification  p462

300

This Rule states "User Only Granted Rights needed to perform their job - No More"

LEAST Privilege  p462

300

These devices can be used to record entry/egress to an area

Video Surveillance Cameras  p463

300

A fingerprint is this type of Authentication Factor

Something You Are  p465

300

These are generated by an application on the User's computer or Smartphone

Software Token (Microsoft Authenticator) p466

300

This element within PKI is responsible for issuing digital certificates

Certificate Authority  (CA)  p471

400

This describes proving a Subject is who or What they claim when attempting to access a Resource

Authentication  p462

400

This Access Model is based on Organizational job duties (Ex, Departmental)

ROLE Based Access (RBAC)  p463

400

These Access devices provide strong Authentication based on physical characteristics

Biometric Scanner  p464

400

This is a longer password comprising a number of words

Passphrase  p465

400

This Authentication method is also described as something you are

Biometrics  p467

400

This Algorithm function can Encrypt messages and passwords (MD5/SHA-2)

Cryptographic Hashing  p472

500

This determines what Rights or Permissions an Authenticated Subject has within a Resource

Authorization  p462

500

This Access Model is based on Security Clearances as found in Military or Government

MANDATORY Access Control (MAC)  p463

500

This physical or electronic token demonstrates a User requested and was issued a product or service

Receipt  p464

500

This authentication method is a set of digits only you know

Personal Identification Number (PIN)  p465

500

These are a few other Biometrics beyond Fingerprints

Iris, Retina & Facial Recognition (Voice & "Gait" too)  p467

500

This is the process of connecting two Private Networks across a Public Network

Virtual Private Network (VPN)  p473

600

This is the process of Logging Access & Permissions used to Resources

Accounting  p462

600

This Access Model is based on the Data Owner's "opinion"

DISCRETIONARY Access Control (DAC)  p463

600

These are the three (3) default categories of User Accounts created with Windows OS

Administrator, Guest & User (Standard)  p464

600

Tracing a shape by connecting dots constitutes this Authentication method

Pattern Lock  p465

600

This unique Location Authentication factor may be layered on other methods for increased security

Somewhere you are   p467

600

These Rules make Passwords difficult to Crack

Length, Complexity, Memorable, Confidential, History, Reuse  p474

700

This term refers to the resources being protected via an Access Control System

Object  p462

700

This Access Control term refers to any model where Access is determined and enforced by Policies

Rule Based Access (RBAC & MAC)  p463

700

This Account allows Access without a password and is disabled by default

Guest  p464

700

This is the main shortcoming of Symmetric Encryption

Distribution & Storage of the KEY  p470

700

List 2 forms of Location Based Authentication (from the book)

GPS or IP Address  p467

700

This Password Crack works by repeated attempts to guess the answer (Time & Processing Power)

Brute Force  p473
