Information system mainly comprises of three components Subject (component which accesses), Object (component which is accessed), Access Control (component which controls what objects can be accessed by subjects and importantly to what extent). Security Management Practices and Access Control are important domains to learn strong information security concepts. This domain, as the name suggests, talks more about how to control the access movements of Subject. The domain discusses access control concepts, methodologies and (practical) implementations within centralized and decentralized environments. It also discusses control techniques like personnel, technical, physical and measures likes preventive, detective and corrective.
No comments:
Post a Comment