More on this book
Community
Kindle Notes & Highlights
Remember this Rule-based access control is based on a set of approved instructions, such as an access control list. Some rule-BAC systems use rules that trigger in response to an event, such as modifying ACLs after detecting an attack or granting additional permissions to a user in certain situations.
discretionary access control (DAC) model,
New Technology File System (NTFS)
security identifiers (SIDs),
discretionary access control list (DACL)
Access Control Entries (ACEs).
Remember this The DAC model specifies that every object has an owner, and the owner has full, explicit control of the object. Microsoft NTFS uses the DAC model.
mandatory access control (MAC)
Remember this The MAC model uses sensitivity labels for users and data. It is commonly used when access needs to be restricted based on a need to know. Sensitivity labels often reflect classification levels of data and clearances granted to individuals.
attribute-based access control (ABAC) evaluates attributes and grants access based on the value of these attributes.
Remember this The ABAC model uses attributes defined in policies to grant access to resources. It’s commonly used in software defined networks (SDNs).
D.
A.
B.
C.
B.
C.
A.
D.
D.
C.
C.
C.
D.
C. Role-BAC
D.
DDoS. A denial-of-service (DoS)
A distributed DoS (DDoS) attack includes multiple computers attacking a single target.
Transmission Control Protocol/Internet Protocol (TCP/ IP)
Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP), support
HTTP is 80
Transmission Control Protocol (TCP) provides connection-oriented traffic (guaranteed delivery).
User Datagram Protocol (UDP)
IPv4 uses 32-bit addresses represented in dotted decimal format, such as 192.168.1.100. IPv6 uses 128-bit addresses using hexadecimal code, such as FE80:0000:0000:0000:20D4:3FF7:003F:DE62.
ICMP. Internet Control Message Protocol (ICMP) is used for testing basic connectivity and includes tools such as ping, pathping, and tracert.
ARP. Address Resolution Protocol (ARP) resolves IPv4 addresses to media access control (MAC) addresses.
The Real-time Transport Protocol (RTP)
Voice over Internet Protocol (VoIP) communications, streaming media, video teleconferencing applications, and devices using web-based push-to-talk features.
Secure Real-time Transport Protocol (SRTP) provides encryption, message authentication, and integrity for RTP.
FTP. File Transfer Protocol (FTP)
FTP active mode uses TCP port 21 for control signals and TCP port 20 for data.
Trivial File Transfer Protocol (TFTP) uses UDP port 69 and is used
Secure Shell (SSH) encrypts traffic in transit and can be used to encrypt other protocols such as FTP.
The Secure Sockets Layer (SSL) protocol was the primary method used to secure HTTP traffic as Hypertext Transfer Protocol Secure (HTTPS).
TLS. The Transport Layer Security (TLS) protocol is the designated replacement for SSL and should be used instead of SSL.
IPsec. Internet Protocol security (IPsec) is used to encrypt IP traffic. It is native to IPv6 but also works with IPv4.
SFTP. Secure File Transfer Protocol (SFTP) is a secure implementation of FTP.
SFTP transmits data using TCP port 22.
Remember this Secure Shell (SSH) encrypts traffic over TCP port 22. Transport Layer Security (TLS) is a replacement for SSL and is used to encrypt many different protocols. Secure FTP (SFTP) uses SSH to encrypt traffic. FTP Secure (FTPS) uses TLS to encrypt traffic.
National Institute of Standards and Technology (NIST)
