CIST 1601 Chapter 6 Review

Audit trails are a type of detective security control. Detective controls are implemented to identify and respond to security incidents after they have occurred. Audit trails are records of events and activities that can be used to track and analyze security-related events in a system or network. They provide a historical record of activities, which can be crucial for investigating security incidents, monitoring compliance, and identifying potential security issues.

The access control model that is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject is known as the Attribute-Based Access Control (ABAC) model.

The element used for identification among the options provided is the "Username." The username is a unique identifier associated with a user account and is typically used during the authentication process to uniquely identify the user. Usernames are often combined with other authentication factors, such as passwords or PINs, to verify the user's identity.

Job rotation is a practice where employees are periodically moved or rotated through different positions or tasks within an organization. This helps in reducing the risk of fraud or errors by ensuring that no single individual has prolonged access or control over sensitive functions.

If an Access Control List (ACL) automatically prevents access to anyone who is not on the list, it is referred to as "Implicit deny." Implicit deny is a default rule in many access control systems that denies access by default unless there is an explicit rule granting access.

The "Need to Know" principle ensures that individuals are granted access to information or resources based on their specific job responsibilities and the necessity to perform their duties. In a mandatory access control model, access decisions are often based on security clearances and the classification level of information.

The Principle of least privilege is a security concept that advocates providing individuals with the minimum level of access or permissions necessary to perform their job functions and tasks. By adhering to this principle, you reduce the potential for unauthorized access and limit the impact of security incidents or breaches.

Rule-based access control involves defining access control rules that specify conditions under which access is allowed or denied. In the case of router access control lists (ACLs), rules are defined based on the characteristics of IP packets, such as source and destination IP addresses, protocols, and port numbers.

Authentication is the process of verifying the claimed identity of an individual, system, or entity. It involves presenting credentials (such as usernames, passwords, or other factors) to a system or application to prove that the entity is who it claims to be. Successful authentication provides access to the system or resources, while failed authentication denies access.

The Separation of Duties principle involves dividing tasks and responsibilities among multiple individuals to reduce the risk of fraud, errors, or misuse of authority. In the context of issuing reimbursement checks, you might implement a system where multiple individuals are involved in the process, such as one person preparing the check, another authorizing it, and possibly a third person handling the distribution. This way, no single person has complete control over the entire process, enhancing accountability and security.