click below
click below
Normal Size Small Size show me how
Chapter 11- Security
Term | Definition |
---|---|
access control | The mechanism used in an information system for granting or denying approval to use specific resources. |
access control list (ACL) | a set of permissions that is attached to an object |
access control model | a predefined framework that the custodian can use for controlling access. |
account expiration | the process of setting a user's account to expire on a certain date or when it has been inactive for a given amount of time |
Discretionary Access Control (DAC) | least restrictive access control model |
Extended TACACS (XTACACS) | The Second version of the Terminal Access Control System |
Group Policy | Microsoft Windows feature that provides centralized management and configuration of computers and remote users |
Implicit Deny | Rejecting access unless a condition is explicitly met |
job rotation | The act of moving individuals from one job responsibility to another |
Kerberos | An authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users |
LDAP injection attack | An attack that constructs LDAP statements based on user input statements, allowing the attack to retrieve information from the LDAP database or modify it's content |
least privilege | Providing only the minimum amount of privileges necessary to perform a job or function |
Lightweight Directory Access Protocol (LDAP) | A protocol for a client application to access an X.500 directory |
Mandatory Access Control (MAC) | The most restrictive access control model, typically found in military settings in which security is of supreme importance |
mandatory vacations | Requiring that all employees take vacations |
Remote Authentication Dial In User Service (RADIUS) | An industry standard authentication service with widespread support across nearly all vendors of networking equipment |
Role Based Access Control (RBAC) | A "real world" access control model in which access is based on a user's job function within the organization |
Rule Based Access Control (RBAC) | An access control model that can dynamically assign roles to subjects based on a set of rules defined by a custodian. |
Secure LDAP | Transporting LDAP traffic over Secure Sockets Layer (SSL) or Transport Layer Security (TLS) |
Security Assertion Markup Language (SAML) | An Extensible Markup Lanaguage (XML) standard that allows secure web domains to exchange user authentication and authorization data |
separation of duties | The practice of requiring that processes should be divided between two or more individuals |
TACACS+ | The current version of the Terminal Access Control Access Control System (TACACS) authentication service. |
Terminal Access Control Access Control System (TACACS) | An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server. The current version is TACACS+ |
time-of-day restriction | Limitation imposed as to when a user can log in to a system or access resources |