Quick Tips

  • Access is a flow of information between a subject and an object.

  • A subject is an active entity that requests access to an object, which is a passive entity.

  • A subject can be a user, program, or process.

  • Confidentiality is the assurance that information is not disclosed to unauthorized subjects.

  • Some security mechanisms that provide confidentiality are encryption, logical and physical access control, transmission protocols, database views, and controlled traffic flow.

  • Identity management solutions include directories, web access management, password management, legacy single sign-on, account management, and profile update.

  • Password synchronization reduces the complexity of keeping up with different passwords for different systems.

  • Self-service ...

Get CISSP Certification All-in-One Exam Guide, Fourth Edition, 4th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.