click below
click below
Normal Size Small Size show me how
Ch. 11 Securit Terms
Chapter 11 Computer Security
Term | Definition |
---|---|
Access Control | The mechanism used in an information system for granting or denying approval to use specific resources. |
Access Control List (ACL) | A set of permissions that is attached to an object. |
Access Control Model | A predefined framework found in hardware and software that a custodian can use for controlling access. |
Account Expiration | The process of setting a user's account to expire |
Extended TACACS (XTACACS) | The second version of the Terminal Access Control Access Control System authentication service |
Group Policy | A Microsoft Windows feature that provides centralized management and configuration of computers and remote users |
Implicit deny | Rejecting access unless a condition is explicitly met |
Job rotation | The act of moving individuals from one job responsibility to another |
Kerberos | An authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users |
LDAP injection attack | An attach that constructs LDAP statements based on user input statements, allowing the attacker to retrieve information from the LDAP database of modify its content |
Least privilege | Providing only the minimum amount of privileges necesary to perform a job or function |
Lightweight Directory Access Protocol (LDAP) | A protocol for a client application to access an X.500 directory. |
Mandatory Access Control (MAC) | The most restrictive access control model, typically found in military settings in which security is of supreme importance. |
Mandatory vacations | Requiring that all employees take vacations |
Remote Authentication Dial In User Service (RADIUS) | An industry standard authentication service with widespread support across nearly all vendors of networking equipment |
Role Based Access Control (RBAC) | A "real-world" access control model in which access is based on a user's job function within the organization |
Rule Based Access Control (RBAC) | An access control model that can dynamically assign roles to subjects based on a set of rules defined by a custodian. |
Secure LDAP | Transporting LDAP traffic over secure Soccets Layer (SSL) or Transport Layer Security (TLS) |
Security Assertion Markup Language (SAML) | An Extensible Markup Language (XML) standard that allows secure web domains to exchange user authentication and authorization data. |
Separation of duties | The practive of requiring that processes should be divided between two or more individuals |
TACACS+ | The current version of the Terminal Access Control Access Control System (TACACS) authentication service. |
Terminal Access Control Access Control System (TACACS) | An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server. The current version is TACACS+ |
Time-of-day restriction | Limitation imposed as to when a user can log in to a system on access resources. |