Transcription of Concepts (10) - Sunflower CISSP
{{id}} {{{paragraph}}}
Concepts (10) CIA DAD - NEGATIVE - (disclosure alteration and destruction) Confidentiality - prevent unauthorized disclosure, need to know, and least privilege. assurance that information is not disclosed to unauthorized programs, users, processes, encryption, logical and physical access control, Integrity - no unauthorized modifications, consistent data, protecting data or a resource from being altered in an unauthorized fashion Availability - reliable and timely, accessible, fault tolerance and recovery procedures, WHEN NEEDED IAAA requirements for accountability Identification - user claims identity, used for user access control Authentication - testing of evidence of users identity Accountability - determine actions to an individual person Authorization - rights and permissions granted Privacy - level of confidentiality and privacy protections Risk (12) Not possible to get rid of all risk.
rights and privileges necessary to perform their work and should only have them for the shortest time. Three types: Read only, Read/write and Access/change Two -man control two persons review and approve the work of each other, for very sensitive operations -two persons are needed to complete a task
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}