It is the computer's control program that allows users and their applications to share and access common resources, such as processors, main memory, databases, and printers.
Compilers and Interpreters
They are the language translator modules of the operating system.
The operating system must protect itself from the users.
The operating system must protect users from each other.
The operating system must protect users from themselves.
The operating system must be protected from itself.
The operating system must be protected from its environment.
5 Fundamental Control Objectives that must be achieved by the OS
Operating System Security
It involves policies, procedures, and controls that determine who can access the operating system, which resources (files, programs, printers) they can access, and what actions they can take.
Log-on Procedure
Access Token
Access Control List
Discretionary Access Privileges
4 Security Components that are Found in Secure Operating Systems
Log-On Procedure
It is the operating system's first line of defense against unauthorized access.
Access Token
It contains key information about the user, including user ID, password, user group, and privileges granted to the user.
Access Control List
It is assigned to each resource and controls access to system resources, such as directories, files, programs, and printers. These lists contain information that defines access privileges; the system compares the privileges contained in the access token with those contained in the access control list.
Discretionary Access Privileges
They allow resource owners to grant access privileges to other users.
Accidental Threats
These include hardware failures that cause the OS to crash.
Intentional Threats
These are most commonly attempts to illegally access data or violate user privacy for financial gain.
Password
It is a secret code the user enters to gain access to systems, applications, data files, or a network server.
Reusable Password
It is the most common method of password control, in which the user defines the password to the system once and then reuses it to gain future access.
One-Time Password
It was designed to overcome the aforementioned problems. Under this approach, the user's password changes continuously.
System Audit Trail
These are logs that record activity at the system, application, and user levels.
Keystroke Monitoring
It involves recording both the user's keystrokes and the system's responses. This form of log may be used after the fact to reconstruct the details of an event or as a real-time control to prevent unauthorized intrusion.
Event Monitoring
It summarizes key activities related to system resources.
Real-time Detection
Its primary objective is to protect the system from outsiders attempting to breach system controls.
Real-time Audit Trail
It can also be used to report changes in system performance that may indicate infestation by a virus or worm.
Reconstructing Events
Audit trail analysis can be used to reconstruct the steps that led to events such as system failures or security violations by individuals.
Personal Accountability
Audit trails can be used to monitor user activity at the lowest level of detail. This capability is a preventive control that can influence behavior.
Detecting Unauthorized Access
It can occur in real time or after the fact. The primary objective of real-time protection is to protect the system from outsiders attempting to breach system controls.
Access Controls
These are designed to prevent unauthorized individuals from viewing, retrieving, corrupting, or destroying the entity's data.
Backup Controls
They ensure that in the event of data loss, the organization can recover its files and databases.
User Views
Also known as a subschema, it is a subset of the total database that defines the user's data domain and restricts his or her access to the database accordingly.
Database Authorization Table
It contains rules that limit the actions a user can take.
User-defined Procedure
It allows the user to create a personal security program or routine to provide more positive user identification than a password can.
Data Encryption
It uses an algorithm to scramble selected data, thus making it unreadable to an intruder browsing the database.
Biometric Devices
They measure various personal characteristics, such as fingerprints, voiceprints, retina prints, or signature characteristics.
Transaction Log
It provides an audit trail of all processed transactions. It lists transactions in a transaction log file and records the resulting changes to the database in a separate database change log.
Checkpoint Feature
It suspends all data processing while the system reconciles the transaction log and the database change log against the database.
Recovery Module
It uses the logs and backup files to restart the system after a failure.
Firewall
It is a system that enforces access control between two networks.
Network-level Firewalls
_____ provide efficient but low security access control.
Screening Router
_____ examines the source and destination addresses that are attached to incoming message packets.
Application-level Firewalls
_____ provide a higher level of customizable network security, but they add overhead to connectivity.
Intrusion Prevention Systems (IPS)
____ employ deep packet inspection (DPI) to determine when an attack is in progress.
Deep Packet Inspection
____ uses a variety of analytical and statistical techniques to evaluate the contents of message packets.
Encryption
It is the conversion of data into a secret code for storage in databases and transmission over networks.
The sender uses an encryption algorithm to convert the original message, called cleartext, into a coded equivalent, called ciphertext.