Cybersecurity > Access Control > Flashcards

Access Control Flashcards

Familiarity and memorizing with access control types and techniques. (7 cards)

Study These Flashcards
1
Q

What are the Access control categories?

A
  • Preventive: prevents actions. For example, background check before approving a tenant.
  • Detective: Sends alert during or after an attack. Like a network Intrusion Detection System(IDS) alerts network administrator of an attack.
  • Corrective: “correct” a damaged system or process. Like an anti-virus can quarantine and delete malicious software from a computer system or Intrusion Prevention System(IPS) can stop a network attack by blocking it.
  • Recovery: are for restoring functionality like restoring corrupted data with backup.
  • Deterrent: deter users from performing actions like a “beware of dog” sign.
  • Compensation: add additional security like defense in depth or multiple layers of security.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Access Control Models

A
  1. Mandatory Access Control.
  2. Discretionary Access Control.
  3. Role and Rule Based Access Control.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The Bell-LaPadula Model

A

Implements a combination of discretionary and mandatory access controls(DAC and MAC) and is primarily concerned with the confidentiality of the resource in question. In other words, making sure unauthorized people can’t read it. MAC precedes DAC. Two security properties define how information can flow:
* The Simple Security Property: The level of access to an individual must be as high as the classification of the resource in order for the individual to access it.
* The * Property(Star Property): Anyone accessing a resource can only write(or copy) its contents to another resource classified at the same level or higher.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

The Biba Model

A

The Biba model of access control is primarily concerned with protecting the integrity of data, even at the expense of confidentiality. It has two security rules:
* The Simple Integrity Axiom: The lvel of access granted to an individual must be no lower than the classification of the resource.
* The * Integrity Axiom: Anyone accessing a resource can only write its contents to a resource classified at the same level or lower.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The Brewer and Nash Model

A

The Brewer and Nash model AKA Chinese Wall is an access control model designed to prevent conflicts of interest. This model is commonly used in industries that handle sensitive data such as the financial, medical, or legal industries.
This model considers three main resource classes:
* Objects: Resources, such as files, information
* Company Groups: All objects pertaining to an organization.
* Conflict Classes: All groups of objects concerning competing parties.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Cross-Site Request Forgery

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Clickjacking

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
Cybersecurity
flashcards
Decks in class (6)
# Cards
Brainscape helps you reach your goals faster, through stronger study habits.
© 2026 Bold Learning Solutions. Terms and Conditions