2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet31/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   27   28   29   30   31   32   33   34   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Other Security Concepts
In addition to the CIA Triad, you need to consider a plethora of other security-related 
concepts and principles when designing a security policy and deploying a security 
solution.
You may have heard of the concept of 
AAA services
. The three A’s in this abbreviation 
refer to authentication, authorization, and accounting (or sometimes auditing). However, 
what is not as clear is that although there are three letters in the acronym, it actually refers 
to five elements: identification, authentication, authorization, auditing, and accounting. 
These five elements represent the following processes of security:

Identification
: Claiming to be an identity when attempting to access a secured area
or system

Authentication
: Proving that you are that identity

Authorization
: Defining the permissions (i.e., allow/grant and/or deny) of a resource 
and object access for a specific identity

Auditing
: Recording a log of the events and activities related to the system and
subjects

Accounting
(aka 
accountability
): Reviewing log files to check for compliance and vio-
lations in order to hold subjects accountable for their actions
Although AAA is typically referenced in relation to authentication systems, it is actu-
ally a foundational concept for security. Missing any of these five elements can result in an 
incomplete security mechanism. The following sections discuss identification, authentica-
tion, authorization, auditing, and accountability (see Figure 1.2).

Understand and Apply Concepts of Confidentiality, Integrity, and Availability 
9
F I G u r e 1. 2
The five elements of AAA services
Identification
Authentication
Authorization
Auditing
Accounting

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   27   28   29   30   31   32   33   34   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish