ACCESS CONTROL
To regulate who can view or use resources in a computing environment.
What is the primary purpose of access control in cybersecurity?
Security, Education and Compliance
What is SEC (in context of cybersecurity)?
Use strong passwords and regularly update software
What are was to keep information safe online?
Discretionary Access (DAC) and Mandatory Access Control (MAC)
What is two types of access control models?
Firewalls or Encryption
What are some common security measure organizations?
Protects sensitive information by converting it to a code that can only be read by authoriuzed parties.
What is the importance of data encryption?
Users should have the minimum level of access necessary to perform their job functions.
What is the principle of priviledge?
An incident that results in unauthorized access to data or a system
What is a security breach?
A technique used to trick individuals into providing sensitive information by impersonating a trustworthy entity.
What is phishing?
A security system that requires more than one method of aunthentication from independent categories of credentials to verify a user's identity.
What is multi-factor authentication (MFA)?
Identify vulnerabilities and potential threats or risks
What is one way to assess risks in information security?
Following company best practices and being aware of security policies.
What are ways for employees contribute to keeping information safe?
The assignment of permissions based on roles - this minimizes the risk of unauthorized access
What is Role-based access control?
Helps organizations to prepare for annd effectively respond to security incidents
What is incident response planning?
Educate employees about security risks and best practices to reduce the likelihood of human error leading to breeches
What is the role of cybersecurity training in organizations?