LESSON 5

It is the method by which systems determine whether and how to admit a user into a trusted area of the organization

Through authentication and authorization, access control policies make sure users are who they say they are and that they have appropriate access to company data.

Access control cannot be applied to limit physical access to campuses, buildings, rooms, and data centers

It grants access based on defined business functions rather than the individual user’s identity.

In this method, the owner or administrator of the protected system, data, or resource sets the policies for who is allowed access.

It’s common in government and military environments.

Attribute-based access control draws on a set of characteristics called “attributes.”

Without a robust access control policy, organizations risk data leakage from both internal and external sources.

Intrusion is when attacker attempts to gain entry or disrupt normal operation