CHAPTER SUMMARY
Understanding the importance of access controls and security policies is vital for every organization. Security is only as strong as the weakest link, and if employees feel that security measures negatively affect their job performance, they may find ways around it.
You have read about best practices for access controls and how they benefit everyone in an organization. Whether it is implementing system access controls, application access, file and folder access controls, or data access controls, or combining them in a multilayer implementation, access control systems are essential for protecting all data, systems, and applications. This chapter also examined ways to secure remote connections and extranets. Data can be secured through VPNs and TLS encryption to protect it while in transit over the Internet.
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
- E-commerce and banking sites should have no encryption enabled because the communication between the two points is already protected via the user ID.
- True
- False
- _______________ is the largest developer and publisher of international standards.
- Intranets are extensions of the corporate network for business partners and customers.
- True
- False
- Which of the following indicates you are using a secure website? (select two.)
- Web address starts with “shttp”
- Web address starts with “https”
- Padlock icon
- Key icon
- Which organization develops RFCs?
- NIST
- FISMA
- ISO
- IETF
- _______________ is a body of the U.S. government that provides standards for financial institutions.
- You are creating a SQL Server database account for a user who must be able to create databases on the server. What is the minimum level of access that will allow this activity?
- dbcreator
- sysadmin
- serveradmin
- rootadmin
- What is a trusted source for a digital certificate called?
- Trusted certificate
- Trusted authority
- Certificate authority
- Certificate trusted
- _______________ sets the FISMA standards for the federal IT systems.