Official (ISC)² SSCP – Domain 1: Access Controls – Flashcards

A passive entity that typically receives or contains some form of data.

An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the access control subject or between access control objects.

A one-time password is generated without the use of a clock, either from a one-time pad or cryptographic algorithm.

Determines whether a user is permitted to access a particular resource.

Must be physically connected to the computer to which the user is authenticating.

Form a logical connection to the client computer but do not require a physical connection.

Have neither a physical nor logical connection to the client computer.

A set of rules, defined by the resource owner, for managing access to a resource (asset, service, or entity) and for what purpose.

The task of controlling information about users on computers.

Verify people's identities before the enterprise issues them accounts and credentials.

A popular network authentication protocol for indirect (third-party) authentication services.

A client/server-based directory query protocol loosely based on X.500, commonly used to manage user information. LDAP is a front end and not used to manage or synchronize data per se as opposed to DNS.

Designed to provide strong authentication using secret-key cryptography, allowing a single identity to be shared across multiple applications.

The device contains a password that is physically hidden (not visible to the possessor) but that is transmitted for each authentication.

A timer is used to rotate through various combinations produced by a cryptographic algorithm.

A series of trust relationships that authentication requests must follow between domains