CISSP: Study Notes — Security Management and Access Control

Security Management

  • Define compulsory: mandatory, enforced. Ex.: Following the security policy is compulsory.

Access Control

  • Evaluating Biometric Devices
    The key here is memorizing Type I error, Type II error, and CER. A Type I error is a false rejection. For example, Joe should be allowed in the data center. If Joe scans his retina and is denied access to the data center, it is a false rejection, or Type I error. A Type II error is just the opposite. If Jill does not have access to the data center, scans her retina, and access is granted, that is a false acceptance, or Type II error.
  • DAC, MAC, and Security Labels
    The type of access control system typical computer users are accustomed to is called a Discretionary Access Control system. This means that a user's right to read/write/execute an object is based solely on their need-to-know. Data owners are able to decide who can access the data via an Access Control List (ACL). Because the military and other government agencies want to control access based both on classification and need-to-know, they use the Mandatory Access Control system. A Security Label is an attribute of an object defining its classification level and need-to-know categories. A person must have both a clearance equal to or greater than the object's and have been granted a need-to-know for one or more of the categories contained in the security label in order to access the object.
  • Capability Table
    This was a new term for me. Essentially, a capability table is a list of permissions that is bound to a subject, whereas an ACL is a list of permissions bound to an object. I'm sure the term is wrong, but I like to think of it as an inverse of an ACL.
  • Traffic Analysis Attack
    Now to me, this attack is quite a stretch. Basically, it says that by watching traffic patterns people can discover information. Now in that simple form, yes, traffic monitoring can lead to all types of great information. My problem is with the book's example: "For example, heavy traffic between HR and headquarters could indicate an upcoming layoff." Maybe it's just me, but that seems like a leap. I'm much more inclined to believe an upcoming layoff could be revealed by looking at the email flying by, not so much by the amount of traffic.
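
The DAC, MAC, and capability-table notes above, worked through as an added example (not code from these notes or from the book): it inverts object-bound ACLs into subject-bound capability tables and applies the security-label rule exactly as stated above (clearance at or above the object's level, plus need-to-know for at least one label category). The level ordering, file names, categories, and the subject "bob" are constructed for illustration.

```python
from collections import defaultdict

# Constructed classification ordering (assumption; not from the notes).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}

def acl_to_capabilities(acls):
    """Invert object-bound ACLs {object: {subject: perms}} into
    subject-bound capability tables {subject: {object: perms}}."""
    caps = defaultdict(dict)
    for obj, entries in acls.items():
        for subject, perms in entries.items():
            caps[subject][obj] = set(perms)
    return dict(caps)

def dac_allows(acls, subject, obj, perm):
    """DAC: the owner-maintained ACL on the object decides."""
    return perm in acls.get(obj, {}).get(subject, set())

def mac_allows(subject, label):
    """MAC rule as stated in these notes: clearance >= classification AND
    need-to-know for at least one category in the security label."""
    cleared = LEVELS[subject["clearance"]] >= LEVELS[label["level"]]
    need_to_know = bool(subject["need_to_know"] & label["categories"])
    return cleared and need_to_know

# Constructed sample data.
ACLS = {
    "payroll.xls": {"joe": {"read", "write"}, "jill": {"read"}},
    "badge.log": {"joe": {"read"}},
}
LABEL = {"level": "SECRET", "categories": {"CRYPTO", "NUCLEAR"}}
JOE = {"clearance": "TOP SECRET", "need_to_know": {"CRYPTO"}}
JILL = {"clearance": "TOP SECRET", "need_to_know": {"LOGISTICS"}}  # no matching category
BOB = {"clearance": "CONFIDENTIAL", "need_to_know": {"CRYPTO"}}    # clearance too low

if __name__ == "__main__":
    # Same permissions, viewed per subject instead of per object.
    print(acl_to_capabilities(ACLS)["joe"])
    for name, subject in (("joe", JOE), ("jill", JILL), ("bob", BOB)):
        print(name, "MAC access:", mac_allows(subject, LABEL))
```

Jill fails the label check despite a sufficient clearance, and Bob fails it despite holding a matching category, which shows that both conditions are required.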
