Domain 1, “Access Control”

Accountability

Except in certain extreme circumstances, shared accounts must be avoided. This policy must be clearly reflected in the security policy and strictly enforced.

Access Controls

The typical access control types used are

  • Discretionary access control (DAC)— Essentially based on human decisions about whether someone (or a service, an application, and so on) should be allowed access to a particular resource, such as a file or directory.

  • Mandatory access control (MAC)— Applies a higher level of access control in which the computer system strictly controls who can access what resources. Because MAC is based on using classification levels, it is more popular in government-type environments. You should be aware ...
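The difference between the two types, as an added example that is not from the book: a small Python model in which a file owner grants read access at their discretion (DAC), and a system-enforced label comparison then overrides that grant (MAC). The level names, the users, and the read rule (clearance must be at least the resource's classification) are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed classification levels (assumption; the page names none).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

@dataclass
class Resource:
    name: str
    owner: str
    classification: str                      # label set by the system, used by MAC
    acl: dict = field(default_factory=dict)  # user -> set of rights, used by DAC

def dac_grant(resource, granting_user, target_user, right):
    """DAC: the owner decides who gets access to the resource."""
    if granting_user != resource.owner:
        raise PermissionError(f"{granting_user} does not own {resource.name}")
    resource.acl.setdefault(target_user, set()).add(right)

def dac_allows(resource, user, right):
    """DAC check: the owner has full access, others need an ACL entry."""
    return user == resource.owner or right in resource.acl.get(user, set())

def mac_allows_read(resource, clearances, user):
    """MAC check: the system compares clearance to classification.
    Unknown users get the lowest level; users cannot change the labels."""
    clearance = LEVELS[clearances.get(user, "unclassified")]
    return clearance >= LEVELS[resource.classification]

def can_read(resource, clearances, user, enforce_mac):
    """Under MAC, the label check applies in addition to the owner's ACL."""
    if enforce_mac and not mac_allows_read(resource, clearances, user):
        return False
    return dac_allows(resource, user, "read")

def demo():
    clearances = {"alice": "secret", "bob": "confidential"}  # constructed sample
    report = Resource("report.txt", owner="alice", classification="secret")
    dac_grant(report, "alice", "bob", "read")   # alice's discretionary decision
    return {
        "dac_only_bob": can_read(report, clearances, "bob", enforce_mac=False),
        "mac_bob": can_read(report, clearances, "bob", enforce_mac=True),
        "mac_alice": can_read(report, clearances, "alice", enforce_mac=True),
    }

if __name__ == "__main__":
    print(demo())
```

With DAC alone, the owner's grant is enough for bob to read the file; with MAC enforced, the same grant is ignored because bob's clearance is below the file's classification.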
