Segregation or Separation of Duties: The practice of ensuring that an organizational process cannot be completed by a single person, which forces collusion as a means to reduce insider threats. Principle of Least Privilege: A standard of permitting only minimum access necessary for users or programs to fulfill their function. Defense in Depth: Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization. Access Rule: An instruction developed to allow or deny access to an object by comparing the validated identity of the subject to an access control list. Object: Anything that a subject attempts to access. Subject: Any entity that requests access to our assets. Control: A safeguard or countermeasure designed to preserve Confidentiality, Integrity and Availability of data. Module 1: Understand Access Control Concepts (ISC)2 Certified in Cybersecurity Exam Preparation Course
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |