2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet538/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   534   535   536   537   538   539   540   541   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Information
An organization’s information includes all of its data. Data might be stored 
in simple files on servers, computers, and smaller devices. It can also be stored on huge 
databases within a server farm. Access controls attempt to prevent unauthorized access to 
the information.
Systems
An organization’s systems include any information technology (IT) systems
that provide one or more services. For example, a simple file server that stores user
files is a system. Additionally, a web server working with a database server to provide an 
e-commerce service is a system.
Devices
Devices refer to any computing system, including servers, desktop computers, 
portable laptop computers, tablets, smartphones, and external devices such as printers. 
More and more organizations have adopted policies allowing employees to connect their 
personally owned device (such as a smartphone or tablet) to an organization’s network. 
Although the devices are typically owned by the employees, organizational data stored on 
the devices is still an asset of the organization.
Facilities
An organization’s facilities include any physical location that it owns or rents. 
This could be individual rooms, entire buildings, or entire complexes of several buildings. 
Physical security controls help protect facilities.
Personnel
Personnel working for an organization are also a valuable asset to an organiza-
tion. One of the primary ways to protect personnel is to ensure that adequate safety prac-
tices are in place to prevent injury or death.

Controlling Access to Assets 
581
Comparing Subjects and Objects 
Access control addresses more than just controlling which users can access which fi les or 
services. It is about the relationships between entities (that is, subjects and objects). Access 
is the transfer of information from an object to a subject, which makes it important to 
understand the defi nition of both subject and object. 

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   534   535   536   537   538   539   540   541   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish