From the course: CISA Cert Prep: 5 Information Asset Protection for IS Auditors
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Access control models
From the course: CISA Cert Prep: 5 Information Asset Protection for IS Auditors
Access control models
- [Instructor] Alright, let's talk about access controls. So some important terms to know about when we talk about access controls are subjects, objects, and access. Well, a subject is the thing that does the accessing. It's the user that's interacting with the system. It's anything that can access something else, and the something else that we access is the object. The object is the passive entity that is accessed by subject. So, users are subjects, objects are things like files, or print services, or other services, maybe even a process you might consider an object in a way. And then access is the sort of level of interactivity that a subject is given to that object. It's the what you can do with that object like read, modify, delete, et cetera. And typically, information flows from subject to object and then from object to subject, or vice versa, right? We have information flowing between the two usually. So an access control model, that's what this section's really all about, is…
Contents
-
-
-
-
(Locked)
Data security2m 44s
-
(Locked)
Access control models15m 51s
-
(Locked)
Single sign-on9m 21s
-
(Locked)
Centralized access control9m 49s
-
(Locked)
Network security: Firewalls13m
-
(Locked)
Authentication protocols4m 12s
-
(Locked)
VPNs and tunneling10m 6s
-
(Locked)
Domain names system6m 20s
-
(Locked)
Cryptography overview: Part 113m 49s
-
(Locked)
Cryptography overview: Part 212m 28s
-
(Locked)
Cryptography: Hash algorithms and digital signatures6m 4s
-
(Locked)
Cryptography: Public key infrastructure and certificates10m 27s
-
(Locked)
PBX and VOIP security7m 33s
-
(Locked)
Secure protocols7m 11s
-
(Locked)
Wireless security10m 15s
-
(Locked)
Internet of Things and endpoint security2m 42s
-
(Locked)
Third-party vendor controls4m 37s
-
(Locked)
Physical and environmental security3m 6s
-
(Locked)
Security assessment and testing4m
-
(Locked)
Evidence collection and forensics3m 27s
-
(Locked)
-
-
-