KHO THƯ VIỆN 🔎

Ch 04 kho tài liệu training

➤  Gửi thông báo lỗi    ⚠️ Báo cáo tài liệu vi phạm

Loại tài liệu:     PDF
Số trang:         124 Trang
Tài liệu:           ✅  ĐÃ ĐƯỢC PHÊ DUYỆT
 













Nội dung chi tiết: Ch 04 kho tài liệu training

Ch 04 kho tài liệu training

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu trainingretionary, mandatory, and nondiscretionary models•Accountability, monitoring, and auditing practices•Emanation security and technologies•Intrusion det

ection systems•Possible threats to access control practices and technologiesA cornerstone in the foundation of information security is controlling how Ch 04 kho tài liệu training

resources are accessed so they can be protected from unauthorized modification or disclosure, rhe controls that enforce access control can be technic

Ch 04 kho tài liệu training

al, physical, or administrative in nature.Access Controls OverviewAccess controls are security features that control how users and systems communicate

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu training in determining the level of authorization after an authentication procedure has successfully completed. Although we usually think of a user as the en

tity that requires access to a network resource or information, there are many other types of entities that require access to other network entities, Ch 04 kho tài liệu training

and resources that are subject to access control. It is important to understand the definition of a subject and an object when working in the context

Ch 04 kho tài liệu training

of access control.Access is the flow of information between a subject and an object. A subject is an active entity that requests access to an object o

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu training, the program is the subject and the file is the object. An object is a passive entity that contains information. An object can be a computer, databas

e, file, computer program, directory, or field contained in a table within a database. When you look up information in a database, you are the active Ch 04 kho tài liệu training

subject and the database is the passive object, figure 4-1 illustrates subjects and objects.155CISSP All-in-One Exam Guide156SubjectsObjectsFigure 4-1

Ch 04 kho tài liệu training

Subjects are active entries that access objects, while objects are passive entitles.Access control is a broad term that covers several different type

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu trainings one of the first lines of defense in battling unauthorized access to systems and network resources, when a user is prompted for a username and passw

ord to use a computer, this is access control. Once the user logs in and later attempts to access a file, that file may have a list of users and group Ch 04 kho tài liệu training

s that have the right to access it. lithe user is not on this list, the user is denied. This is another form of access control. I he users' permission

Ch 04 kho tài liệu training

s and rights maybe based on their identity, clearance, and/or group membership. Access controls give organizations the ability to control, restrict, m

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu trainingty control are:•Availability•Integrity•ConfidentialityThese principles, which were touched upon in chapter 3, will be a running theme throughout this

book because each core subject of each chapter approaches these principles in a unique way. In Chapter 3, you read that security management procedures Ch 04 kho tài liệu training

include identifying threats that can negatively affect the availability, integrity, and confidentiality of the company's assets and finding cost-effe

Ch 04 kho tài liệu training

ctive countermeasures that will protect them. This chapter looks at the ways the three principles can be affected and protected through access control

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu trainingese security principles. It is critical that security professionals understand all of the possible ways these principles can be provided and circumven

ted.AvailabilityHey. I'm available.Response: But no one wants you.Information, systems, and resources must be available to users in a timely manner so Ch 04 kho tài liệu training

productivity will not be affected. Most information must be accessible and available to users when requested so the)' can carry out tasks and fulfill

Ch 04 kho tài liệu training

their responsibilities. Accessing information does not seem that important until it is inaccessible. Administrators experience this when a file serve

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu trainingensure the continuity of the availability of resources. User productivity can be greatly affected if requested data is not readily available.Informati

on has various attributes, such as accuracy, relevance, timeliness, and privacy. It may be extremely important for a stockbroker to have information t Ch 04 kho tài liệu training

hat is accurate and timely, so he can buy and sell slocks al the right limes al die right prices. The stockbroker may not necessarily care about the p

Ch 04 kho tài liệu training

rivacy of this information, only that it is readily available. A soft drink company that depends on its soda pop recipe would care about the privacy o

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu trainingrom unauthorized modification. When a security mechanism provides integrity, it protects data, ora resource, from being altered in an unauthorized fas

hion. If any type of illegitimate modification does occur, the security mechanism must alert the user or administrator in some manner. One example is Ch 04 kho tài liệu training

when a user sends a request lo her online bank account to pay her $24.56 water utility bill, rhe bank needs to be sure the integrity of that transacti

Ch 04 kho tài liệu training

on was not altered during transmission, so the user does not end up paying the utility company $240.56 instead. Integrity of data is very important, w

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Ch 04 kho tài liệu trainingrity mechanism in place that disallows this or alerts the President that this message has been altered? Instead of receiving a message reading, "We wo

uld love for you and your wife to stop by for drinks tonight," the message could be altered to say, "We have just bombed Libya." Big difference. Ch 04 kho tài liệu training

CHAPTERAccess ControlThis chapter presents the following:•Identification methods and technologies•Authentication methods,models,and technologies•Discr

Gọi ngay
Chat zalo
Facebook