Official (ISC)² SSCP – Domain 1: Access Controls – Flashcards
Unlock all answers in this set
Unlock answers
question
Access Control Object
answer
A passive entity that typically receives or contains some form of data.
question
Access Control Subject
answer
An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the access control subject or between access control objects.
question
Asynchronous Password Token
answer
A one-time password is generated without the use of a clock, either from a one-time pad or cryptographic algorithm.
question
Authorization
answer
Determines whether a user is permitted to access a particular resource.
question
Connected Tokens
answer
Must be physically connected to the computer to which the user is authenticating.
question
Contactless Tokens
answer
Form a logical connection to the client computer but do not require a physical connection.
question
Disconnected Tokens
answer
Have neither a physical nor logical connection to the client computer.
question
Entitlement
answer
A set of rules, defined by the resource owner, for managing access to a resource (asset, service, or entity) and for what purpose.
question
Identity Management
answer
The task of controlling information about users on computers.
question
Proof of Identity
answer
Verify people's identities before the enterprise issues them accounts and credentials.
question
Kerberos
answer
A popular network authentication protocol for indirect (third-party) authentication services.
question
Lightweight Directory Access Protocol (LDAP)
answer
A client/server-based directory query protocol loosely based on X.500, commonly used to manage user information. LDAP is a front end and not used to manage or synchronize data per se as opposed to DNS.
question
Single Sign-On (SSO)
answer
Designed to provide strong authentication using secret-key cryptography, allowing a single identity to be shared across multiple applications.
question
Static Password Token
answer
The device contains a password that is physically hidden (not visible to the possessor) but that is transmitted for each authentication.
question
Synchronous Dynamic Password Token
answer
A timer is used to rotate through various combinations produced by a cryptographic algorithm.
question
Trust Path
answer
A series of trust relationships that authentication requests must follow between domains