Information Technology > QUESTIONS & ANSWERS > Lesson 3 Authorization and Access Control- WGU C836, top Questions and answers, rated A+ (All)

Lesson 3 Authorization and Access Control- WGU C836, top Questions and answers, rated A+

Document Content and Description Below

Lesson 3 Authorization and Access Control- WGU C836, top Questions and answers, rated A+ Attributes of a particular individual, such as height - ✔✔-Subject attributes allows us to specify wh... ere the party should be allowed or denied access, and access control enables us to manage this access at a more granular level. - ✔✔-Authorization Authorization allows us to specify where the party should be allowed or denied access, and _________ enables us to manage this access at a more granular level. - ✔✔-access control dictates that we should only allow the bare minimum of access to a party—this might be a person, user account, or process - ✔✔-principle of least privilege What dictates that we should only allow the bare minimum of access, as needed? A Policy B User rights C Principle of least privilege D ACL - ✔✔-C Principle of least privilege four basics tasks of access controls - ✔✔-Allowing access, Denying access Limiting access and revoking access is simply a set of resources devoted to a program, process, or similar entity, outside of which the entity cannot operate. We use sandboxes to prevent their contents from accessing files, memory, and other system resources with which they should not be interacting - ✔✔-sandbox access controls, there are two main methods that we might use - ✔✔-access control lists and capabilities often referred to as "ackles," are a very common choice of access control implementation. are usually used to control access in the file systems on which our operating systems run and to control the flow of traffic in the networks to which our systems are attached. - ✔✔-Access control lists (ACLs) When we look at the ACLs in most file systems, we commonly see three permissions in use - ✔✔-read, write, and execute Permissions in network ACLs tend to be binary in nature, generally consisting of - ✔✔-allow and deny filtering can take the form of dropping traffic from individual IP addresses, to ranges, to the entire IP space of large organizations, ISPs, or even entire countries. This practice is commonly referred to as - ✔✔-blackholing FTP uses ports - ✔✔-20 and 21 to transfer files, Internet Message Access Protocol (IMAP) uses port - ✔✔-143 for managing e-mail Secure Shell (SSH) uses port - ✔✔-22 to manage remote connections to systems are oriented around the use of a token that controls our access. We can think of a token in a capability as being analogous to the personal badge we might use to open the door in a building - ✔✔-capabilities when the software with access to a resource has a greater level of permission to access the resource than the user who is controlling the software - ✔✔-Confused deputy problem Two of the more common client-side attack are - ✔✔-cross-site request forgery (CSRF) and clickjacking. are attacks that take advantage of weaknesses in applications that are running on the computer being operated directly by the user, often referred to as the client. - ✔✔-Client-side attacks is an attack that misuses the authority of the browser on the user's computer. If the attacker knows of, or can guess, a Web site to which the user might already be authenticated - ✔✔-CSRF most common access control models in security world are - ✔✔-discretionary access control, mandatory access control, rule-based access control, role-based access control, and attribute-based access control. is a model of access control based on access being determined by the owner of the resource in question. The owner of the resource can decide who does and does not have access, and exactly what access they are allowed to have - ✔✔-Discretionary access control (DAC) is a model of access control in which the owner of the resource does not get to decide who gets to access it, but instead access is decided by a group or individual who has the authority to set access on resources. - ✔✔-Mandatory access control (MAC) is, logically, based on attributes. These can be the attributes of a particular person, of a resource, or of an environment. - ✔✔-Attribute-based access control (ABAC) are used to control access, based on whether the party on the other end can pass a test that is, in theory, too difficult for a machine to complete, thus proving the party to be human. - ✔✔-Captchas model implements a combination of DAC and MAC and is primarily concerned with the confidentiality of the resource in question - ✔✔-Bell-LaPadula The level of access granted to an individual must be at least as high as the classification of the resource in order for the individual to be able to access it. - ✔✔-The simple security property In Bell-LaPadula, we have two security properties that define how information can flow to and from the resource - ✔✔-The simple security property and The * property Anyone accessing a resource can only write its contents to one classified at the same level or higher. - ✔✔-The * property is primarily concerned with protecting the integrity of data, even at the expense of confidentiality. - ✔✔- The Biba model of access control The level of access granted to an individual must be no lower than the classification of the resource. - ✔✔-The simple integrity axiom Anyone accessing a resource can only write its contents to one classified at the same level or lower. - ✔✔-The * integrity axiom Biba has two security rules that are the exact reverse of those we discussed in the Bell-LaPadula model - ✔✔-The simple integrity axiom and The * integrity axiom also known as the Chinese Wall model, is an access control model designed to prevent conflicts of interest - ✔✔-The Brewer and Nash mode [Show More]

Last updated: 11 months ago

Preview 1 out of 11 pages

Reviews( 0 )

Recommended For You

 Engineering> QUESTIONS & ANSWERS > ECE FINAL EXAM Questions and answers, 100% Accurate, rated A+ (All)

preview
ECE FINAL EXAM Questions and answers, 100% Accurate, rated A+

ECE FINAL EXAM Questions and answers, 100% Accurate, rated A+ Functional play - ✔✔-can be defined as play with toys or objects according to their intended function (for instance, a ball is used f...

By Topmark , Uploaded: Mar 14, 2023

$7

 *NURSING> QUESTIONS & ANSWERS > CPB Practice Exam Questions and answers, 100% Accurate. Verified. (All)

preview
CPB Practice Exam Questions and answers, 100% Accurate. Verified.

CPB Practice Exam Questions and answers, 100% Accurate. Verified. Managed care organization were created to manage benefits and to develop participating provider networks. Managed care can now be...

By Topmark , Uploaded: Mar 15, 2023

$10

 Organizational Behavior> QUESTIONS & ANSWERS > WGU - C715 Organizational Behavior - MCQ 3, Top Exam Questions and answers, rated A+ (All)

preview
WGU - C715 Organizational Behavior - MCQ 3, Top Exam Questions and answers, rated A+

WGU - C715 Organizational Behavior - MCQ 3, Top Exam Questions and answers, rated A+ 1) What is the primary purpose of a workgroup? A) to generate positive synergy B) to improve collective per...

By Topmark , Uploaded: Mar 14, 2023

$6

 *NURSING> QUESTIONS & ANSWERS > CCI ARDMS practice test Questions and answers, Graded A+, latest updates (All)

preview
CCI ARDMS practice test Questions and answers, Graded A+, latest updates

CCI ARDMS practice test Questions and answers, Graded A+, latest updates On an apical 4 chamber view, if you move the color Doppler sample box from the mitral level to the pulmonary veins, ______...

By Topmark , Uploaded: Mar 21, 2023

$11

 Management> QUESTIONS & ANSWERS > RCFE Exam Predictor Questions and answers, 100% Accurate, Verrified. (All)

preview
RCFE Exam Predictor Questions and answers, 100% Accurate, Verrified.

RCFE Exam Predictor Questions and answers, 100% Accurate, Verrified. Of the following medical conditions identified below, which condition(s) are prohibited in RCFE's: - ✔✔Gastrostomy Care A writ...

By Topmark , Uploaded: Mar 17, 2023

$8

 Real Estate> QUESTIONS & ANSWERS > PSI Exam State-Brokerage activities and requirements, Exam Questions and answers, rated A+ (All)

preview
PSI Exam State-Brokerage activities and requirements, Exam Questions and answers, rated A+

PSI Exam State-Brokerage activities and requirements, Exam Questions and answers, rated A+ A licensee tells a prospective buyer, "The landfill 2 miles upwind from this house has never posed a p...

By bundleHub Solution guider , Uploaded: May 05, 2023

$3

 *NURSING> QUESTIONS & ANSWERS > CPB PRACTICE EXAM QUESTIONS AND ANSWERS, Graded A. Verified. WHO IS COVERED BY CHAMPVA? (All)

preview
CPB PRACTICE EXAM QUESTIONS AND ANSWERS, Graded A. Verified. WHO IS COVERED BY CHAMPVA?

CPB PRACTICE EXAM QUESTIONS AND ANSWERS, Graded A. Verified. WHO IS COVERED BY CHAMPVA? A) VETERANS WITH SERVICE - CONNECTED DISABILITIES AND THEIR FAMILIES B) ACTIVE DUTY MILITARY AND THEIR FAM...

By Topmark , Uploaded: Mar 15, 2023

$13

 Social Sciences> QUESTIONS & ANSWERS > Assessment, LCDC, Questions and answers, 100% Accurate, graded A+ (All)

preview
Assessment, LCDC, Questions and answers, 100% Accurate, graded A+

Assessment, LCDC, Questions and answers, 100% Accurate, graded A+ Assessment - ✔✔-An ongoing process through which the counselor collaborates with the client and others to gather and interpret in...

By Topmark , Uploaded: Mar 22, 2023

$8

 *NURSING> QUESTIONS & ANSWERS > A&P Exam 1 Top Questions and answers, 100% Accurate, rated A Histology would be best defined as a study (All)

preview
A&P Exam 1 Top Questions and answers, 100% Accurate, rated A Histology would be best defined as a study

A&P Exam 1 Top Questions and answers, 100% Accurate, rated A Histology would be best defined as a study of - ✔✔-tissues The study of large body structures, visible to the naked eye, such as the he...

By Topmark , Uploaded: Mar 18, 2023

$8

 Probability and Statistics> QUESTIONS & ANSWERS > WGU - C722, Top Exam Questions and answers, 100% Accurate, rated A+ (All)

preview
WGU - C722, Top Exam Questions and answers, 100% Accurate, rated A+

WGU - C722, Top Exam Questions and answers, 100% Accurate, rated A+ Three essential drivers that must be achieved to generate positive characteristics in project teams - ✔✔- Cohesiveness, Trust, M...

By Topmark , Uploaded: Mar 16, 2023

$10

$8.00

Add to cart

Instant download

Can't find what you want? Try our AI powered Search

OR

GET ASSIGNMENT HELP
43
0

Document information


Connected school, study & course



About the document


Uploaded On

Mar 16, 2023

Number of pages

11

Written in

Seller


seller-icon
Topmark

Member since 1 year

65 Documents Sold


Additional information

This document has been written for:

Uploaded

Mar 16, 2023

Downloads

 0

Views

 43

Document Keyword Tags

THE BEST STUDY GUIDES

Avoid resits and achieve higher grades with the best study guides, textbook notes, and class notes written by your fellow students

custom preview

Avoid examination resits

Your fellow students know the appropriate material to use to deliver high quality content. With this great service and assistance from fellow students, you can become well prepared and avoid having to resits exams.

custom preview

Get the best grades

Your fellow student knows the best materials to research on and use. This guarantee you the best grades in your examination. Your fellow students use high quality materials, textbooks and notes to ensure high quality

custom preview

Earn from your notes

Get paid by selling your notes and study materials to other students. Earn alot of cash and help other students in study by providing them with appropriate and high quality study materials.

WHAT STUDENTS SAY ABOUT US


What is Browsegrades

In Browsegrades, a student can earn by offering help to other student. Students can help other students with materials by upploading their notes and earn money.

We are here to help

We're available through e-mail, Twitter, Facebook, and live chat.
 FAQ
 Questions? Leave a message!

Follow us on
 Twitter

Copyright © Browsegrades · High quality services·