April 2016
Intermediate to advanced
558 pages
19h 52m
English
book
Information Security Management Handbook, Volume 5, 6th Edition
by Micki Krause Nozaki, Harold F. Tipton
Content preview from Information Security Management Handbook, Volume 5, 6th Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
15
Chapter 2
Whitelisting
Sandy Bacik
Access control consists of permitting or denying the use of a particular resource. Within
networking environments, particularly at the network perimeter, enterprises have used blacklist-
ing. Blacklisting consists of banning a list of resources from access. As the unauthorized and
invalid access attempts increased, the blacklist continued to grow. is method allowed every-
thing unless explicitly denied, i.e., default allow. Enterprises are now doing the reverse, only allow-
ing authorized access, i.e., whitelisting, the “known good.” Whitelisting turns blacklisting upside
down, categorizing everything as ...