As stated in the last post, access controls are often implemented at various layers of a system. Some of these controls act as core components of operating systems, devices, and applications.
Access Control Levels
Access control consists of 3 main categories: administrative, technical, and physical. Each category has different access control mechanisms that are carried out manually or automatically.
Administrative Controls
- Policy and procedures
- Personnel controls
- Supervisory structure
- Security-awareness training
- Testing
- Network segregation
- Perimeter security
- Computer controls
- Work area separation
- Data backups
- Cabling
- Control zone
- System access
- Network architecture
- Network access
- Encryption and protocols
- Auditing
Administrative Controls
These construct security policies to delegate the development of supporting procedures, standards, and guidelines. Additionally, they indicate specific personnel controls should be implemented.
These construct security policies to delegate the development of supporting procedures, standards, and guidelines. Additionally, they indicate specific personnel controls should be implemented.
0 comments:
Post a Comment