Comptia a+

A computer is secure if you can depend on it and its software to behave as you expect I this assignment I will writer about how Linux provides security to you information. The major technical areas of computer security are usually represented by CIA confidentiality, integrity, and authentication or availability. It means that information cannot access by unauthorized people.

Formal user access control procedures must be documented, implemented and kept up to date for each application and information system to ensure authorised user access and to prevent unauthorised access. They must cover all stages of the lifecycle of user access, from the initial registration of new users to the final de-registration of users who no longer require access. These must be agreed by IDI. User access rights must be reviewed at regular intervals to ensure that the appropriate rights are still allocated. System administration accounts must only be provided to users that are required to perform system administration tasks.

Access control refers to the mechanisms that identify who can and cannot access a network, resource, application, specific action.

Wm. Arthur Conklin, G. W. (2012). Principles of Computer Security: CompTIA Security+™ and Beyond (Exam SY0-301), Third Edition. In G. W. Wm. Arthur Conklin, _Principles of Computer Security: CompTIA Security+™ and Beyond (Exam SY0-301), Third Edition_ (p. Chapter 20). McGraw-Hill Company.

Mandatory access control is a single user, normally the network admin, who is given access to the users’ rights and privileges. They control access policies and are also in control of choosing which objects and what systems each individual user has access to and what they do not have access to. The access is made in the form of different levels. Each system and all folders containing information are put into a specific classification. The user will be in a certain classification that will only allow them to access data

C2 - Controlled Access Protection: In this sub division similarity protect like C1 but following are the extra protected by this C2: Object protection can be on a single-user basis, Authorization for access may only be assigned by authorized users, Object reuse protection, Mandatory identification and authorization procedures for users, Full auditing of security events, Protected system mode of operation and Added protection for authorization and audit

Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems

3.p16 The purpose of access control is to regulate interactions between a subject and an object, such as data, a network or device

22. Which of the following features should not be there in an access control system?

mandatory and discretionary access control policies. ACM Transactions on Information and System Security, Vol. 3, No. 2.

Role based access control is an ideology through which access to systems is restricted based on authority given. It is used by organizations with a relatively large number of employees ranging from five hundred to one thousand and above (Sieunarine & University of Oxford, 2011). This is implemented through the mandatory access control or through the discretionary access control. These are the only two ways through which role based access control can be implemented.

Access control has been in use before the growth of the technology world. It could involve a simple action as locking a door. A person locks a door to prevent entry to those who are not allowed or authorize to do so. The same can be said about the security involving databases and the controlling of who can have access and what can be accessed. As far as database security is concerned, there are various categories that are involved in access control. The four main categories of access control include: Discretionary, Mandatory, Role-based, and Rule-based access control.

What is Operating System Security, Operating system security is the process of ensuring OS integrity, confidentiality and availability also OS security refers to specified steps used to protect the OS from threats, viruses, worms, malware or remote hacker. OS security include all avoiding-control techniques, which safeguard any computer information from being stolen, edited or deleted if OS security is included. OS security allows different applications and programs to perform required tasks and stop unauthorized interference. OS security may be applied in many ways. We 're going to discuss following topics in this article. A brief description about security and what are the types of encryption and what is Authentication, One Time passwords, Program Threats, System Threats and Computer Security Classifications.

Confidentiality: Access controls help ensure that only authorized subjects can access objects. When unauthorized entities are able to access systems or data, it results in a loss of confidentiality.

Access control: The ability to permit or deny the use of an object (a passive entity such as a system or file) by a subject (an active entity such as a person or process).