Access controls that are implemented at the discretion or option of the data user attribute-based access control (ABAC) capabilities table discretionary access controls (DACs) lattice-based access control (LBAC). A variation on the MAC form of access control- which assigns users a matrix of
authorizations for particular areas of access- incorporating the information assets of
subjects such as users and objects attribute-based access control (ABAC) capabilities table discretionary access controls (DACs) lattice-based access control (LBAC). A required- structured data classification scheme that rates each collection of
information as well as each user. mandatory access control (MAC) nondiscretionary access controls (NDACs) role-based access control (RBAC) task-based access control (TBAC). They are implemented by a central authority mandatory access control (MAC) nondiscretionary access controls (NDACs) role-based access control (RBAC) task-based access control (TBAC). An example of a nondiscretionary control where privileges are tied to the role a user
performs in an organization- and are inherited when a user is assigned to that role mandatory access control (MAC) nondiscretionary access controls (NDACs) role-based access control (RBAC) task-based access control (TBAC). An example of a nondiscretionary control where privileges are tied to a task a user
performs in an organization and are inherited when a user is assigned to that task. mandatory access control (MAC) nondiscretionary access controls (NDACs) role-based access control (RBAC) task-based access control (TBAC). An integration of access control lists (focusing on assets) and capabilities tables
(focusing on users) that results in a matrixwith organizational assets listed in the
column headings and users listed in the row headings access control matrix accountability authentication authorization. The access control mechanism that ensures all actions ona system—authorized or
unauthorized—can be attributed to anauthenticated identity. Also known as
auditability access control matrix accountability authentication authorization. The access control mechanism that requires the validation and verification of an
unauthenticated entity’s purportedidentity access control matrix accountability authentication authorization. The access control mechanism that represents the matching of an authenticated entity
to a list of information assets and corresponding access levels access control matrix accountability authentication authorization. It is the method by which systems determine whether and how to admit a user into a
trusted area of the organization—that is-information systems- restricted areas such as
computer rooms- and the entire physical location Access control dumb card identification passphrase. An authentication card that contains digital user data- such as a personal identification
number (PIN)- against which user input is compared. Access control dumb card identification passphrase. The access control mechanism whereby unverified or unauthenticated entities who
seek access to a resource provide a label by which they are known to the system Access control dumb card identification passphrase. A plain-language phrase- typically longer than a password- from which a virtual
password is derived Access control dumb card identification passphrase. A secret word or combination of characters that only the user should know- a
password is used to authenticate the user. password smart card biometric access control minutiae. An authentication component similar to a dumb card that contains a computer chip to
verify and validate several pieces of information instead of just a PIN password smart card biometric access control minutiae. The use of physiological characteristics to provide authentication for a provided
identification password smart card biometric access control minutiae. In biometric access controls- unique points of reference that are digitized and stored in
an encrypted format when the user’s system access credentials are created password smart card biometric access control minutiae. Firewall rules designed to prohibit packets with certain addresses or partial addresses
from passing through the device. address restrictions dynamic packet-filtering firewall firewall application layer proxy firewall. A firewall type that can react to network traffic and create or modify configuration
rules to adapt. address restrictions dynamic packet-filtering firewall firewall application layer proxy firewall. In information security- a combination of hardware and software that filters or
prevents specific information from moving between the outside network and the
inside network address restrictions dynamic packet-filtering firewall firewall application layer proxy firewall. A device capable of functioning both as a firewall and an application layer proxy
server. address restrictions dynamic packet-filtering firewall firewall application layer proxy firewall. An intermediate area between two networks designed to provide servers and firewall
filtering between a trusted internal network and the outside- untrusted network demilitarized zone (DMZ) proxy server content filter data loss prevention. A server that exists to intercept requests for information from external users and
provide the requested information by retrieving it from an internal server- thus
protecting and minimizing the demand on internal servers. Some proxy servers are
also cache servers. demilitarized zone (DMZ) proxy server content filter data loss prevention. A software program or hardware/software appliance that allows administrators to
restrict content that comes into or leaves a network—for example- restricting user
access to Web sites from material that is not related to business- such as pornography
or entertainment demilitarized zone (DMZ) proxy server content filter data loss prevention. A strategy to gain assurance that the users of a network do not send high value
information or other critical information outside the network demilitarized zone (DMZ) proxy server content filter data loss prevention. A private- secure network operated over a public and insecure network. virtual private network (VPN) In authentication factors - Something You Know In authentication factors - Something You Have In authentication factors - Something You Are or Can Produce. This factor of authentication relies on what the unverified user or system knows and
can recall—for example- a assword- passphrase- or other unique authentication codesuch as a personal identification number (PIN). virtual private network (VPN) In authentication factors - Something You Know In authentication factors - Something You Have In authentication factors - Something You Are or Can Produce. This authentication factor relies on something an unverified user or system has and
can produce when necessary. virtual private network (VPN) In authentication factors - Something You Know In authentication factors - Something You Have In authentication factors - Something You Are or Can Produce. This relies on individual characteristics- such as fingerprints- palm or prints virtual private network (VPN) In authentication factors - Something You Know In authentication factors - Something You Have In authentication factors - Something You Are or Can Produce. An adverse event in which an attacker attempts to gain entry into an information
system or disrupt its normal operations- almost always with the intent to do harm intrusion intrusion detection and prevention system (IDPS) intrusion detection system (IDS) IDPS response technique. The general term for a system that can both detect and modify its configuration and
environment to prevent intrusion intrusion detection and prevention system (IDPS) intrusion detection system (IDS) IDPS response technique. A system capable of automatically detecting an intrusion into an organization’s
networks or host systems and notifying a designated authority. intrusion intrusion detection and prevention system (IDPS) intrusion detection system (IDS) IDPS response technique. Terminating- Blocking- and Blocking all access intrusion intrusion detection and prevention system (IDPS) intrusion detection system (IDS) IDPS response technique. A process of grouping almost identical alarms that occur nearly at the same time into a
single higher-level alarm. Alarm clustering and compaction Alarm filtering Confidence value Evasion. The process of classifying IDPS alerts so they can be more effectively managed. Alarm clustering and compaction Alarm filtering Confidence value Evasion. The measure of an IDPS’s ability to correctly detect and identify certain types of
attacks which is based on fuzzy logic Alarm clustering and compaction Alarm filtering Confidence value Evasion. The process by which attackers change the format and/or timing of their activities to
avoid being detected by an IDPS Alarm clustering and compaction Alarm filtering Confidence value Evasion. An event that triggers an alarm when no actual attack is in progress. Scenarios that
test the configuration of IDPSs may use false attack stimuli to determine if the IDPSs
can distinguish between these stimuli and real attacks False attack stimulus False negative False positive Tuning. The failure of an IDPS to react to an actual attack event. False attack stimulus False negative False positive Tuning. An alert or alarm that occurs in the absence of an actual attack. False attack stimulus False negative False positive Tuning. The process of adjusting an IDPS to maximize its efficiency in detecting true positives
while minimizing false positives and false negatives. False attack stimulus False negative False positive Tuning. Alarm events that are accurate and noteworthy but do not pose significant threats to
information security Noise Site policy Data Collection Attack Deterrence. The rules and configuration guidelines governing the implementation and operation of
IDPSs within the organization Noise Site policy Data Collection Attack Deterrence. In the process of analyzing data and network activity- IDPSs can be configured to log
data for later analysis Noise Site policy Data Collection Attack Deterrence. Another reason to install an IDPS is that it serves as a deterrent by increasing the fear
of detection among would be attackers Noise Site policy Data Collection Attack Deterrence. The process of examining and verifying the higher-order protocols (HTTP- FTP- and
Telnet) in network traffic for unexpected packet behavior or improper use application protocol verification host-based IDPS (HIDPS) monitoring port protocol stack verification. An IDPS that resides on a particular computer or server- known as the host- and
monitors activity only on that system application protocol verification host-based IDPS (HIDPS) monitoring port protocol stack verification. Also known as a switched port analysis (SPAN) port or mirror port- a specially
configured connection on a network device that can view all the traffic that moves
through the device application protocol verification host-based IDPS (HIDPS) monitoring port protocol stack verification. The process of examining and verifying network traffic for invalid data packets—that ispackets that are malformed under the rules of the TCP/IP protocol application protocol verification host-based IDPS (HIDPS) monitoring port protocol stack verification.
