2 cissp ® Official Study Guide Eighth Edition


The CIA Triad and Access Controls



Download 19,3 Mb.
Pdf ko'rish
bet540/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   536   537   538   539   540   541   542   543   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

The CIA Triad and Access Controls 
One of the primary reasons organizations implement access control mechanisms is to pre-
vent losses. There are three categories of IT loss: loss of
confi dentiality
,
availability
, and 
integrity
(CIA). Protecting against these losses is so integral to IT security that they are 
frequently referred to as the
CIA Triad
(or sometimes the AIC Triad or Security Triad). 
Confidentiality
Access controls help ensure that only authorized subjects can access 
objects. When unauthorized entities can access systems or data, it results in a loss of 
confi dentiality. 

582
Chapter 13 

Managing Identity and Authentication
Integrity
Integrity ensures that data or system configurations are not modified without 
authorization, or if unauthorized changes occur, security controls detect the changes. If 
unauthorized or unwanted changes to objects occur, it results in a loss of integrity.
Availability
Authorized requests for objects must be granted to subjects within a reason-
able amount of time. In other words, systems and data should be available to users and 
other subjects when they are needed. If the systems are not operational or the data is not 
accessible, it results in a loss of availability.
Types of Access Control
Generally, an access control is any hardware, software, or administrative policy or proce-
dure that controls access to resources. The goal is to provide access to authorized subjects 
and prevent unauthorized access attempts. Access control includes the following overall 
steps:
1.
Identify and authenticate users or other subjects attempting to access resources.
2.
Determine whether the access is authorized.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   536   537   538   539   540   541   542   543   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish