FUNDAMENTALS OF
INFORMATION
SECURITY - D430 CH 3
(37 QUESTIONS AND
ANSWERS)
Authorization - answer process of determining
exactly what an authenticated party can do.
Typically implement authorization using access
controls
Access controls - answer tools & systems used to
deny or allow access. Can be based on physical
attributes, set of rules, lists of individuals or
systems, or other more complex factora.
sandboxes - answer isolated environments
containing a set of resources for a given purpose.
Used to prevent contents from accessing files,
memory, ad other system resources with which
they shouldnt be interacting.
, Java Virtual Machine - answer An example of
sandbox. Used to run programs written in the Java
programming language & constructed specifically
to protect users against potentially malicious
downloaded software.
Two main methods of implementing access controls
- answer - access control lists
- capabilities
Access Control Lists (ACLs) - answer lists
containing information about what kind of access
certain parties are allowed to have to a given
system.
3 permissions in ACL filing systems - answer - read
- write
- execute
Media Access Control - answer unique identifiers
hard-coded into each network interface in a given
system
IP addresses - answer unique address assigned to
each device on any network that uses the Internet
Protocol for communication. IP addresses can be
falsified & they're not unique to network interface
INFORMATION
SECURITY - D430 CH 3
(37 QUESTIONS AND
ANSWERS)
Authorization - answer process of determining
exactly what an authenticated party can do.
Typically implement authorization using access
controls
Access controls - answer tools & systems used to
deny or allow access. Can be based on physical
attributes, set of rules, lists of individuals or
systems, or other more complex factora.
sandboxes - answer isolated environments
containing a set of resources for a given purpose.
Used to prevent contents from accessing files,
memory, ad other system resources with which
they shouldnt be interacting.
, Java Virtual Machine - answer An example of
sandbox. Used to run programs written in the Java
programming language & constructed specifically
to protect users against potentially malicious
downloaded software.
Two main methods of implementing access controls
- answer - access control lists
- capabilities
Access Control Lists (ACLs) - answer lists
containing information about what kind of access
certain parties are allowed to have to a given
system.
3 permissions in ACL filing systems - answer - read
- write
- execute
Media Access Control - answer unique identifiers
hard-coded into each network interface in a given
system
IP addresses - answer unique address assigned to
each device on any network that uses the Internet
Protocol for communication. IP addresses can be
falsified & they're not unique to network interface
