Security Control Families
Technical Class
| ID | Class | Family | # of |
|---|---|---|---|
| CA | Management | Security Assessment and Authorization | 6 |
| PL | Management | Planning | 5 |
| PM | Management | Program Management | 11 |
| RA | Management | Risk Assessment | 4 |
| SA | Management | System and Services Acquisition | 14/40 |
| AT | Operational | Awareness and Training | 5 |
| CM | Operational | Configuration Management | 9 |
| CP | Operational | Contingency Planning | 10 |
| IR | Operational | Incident Response | 8 |
| MA | Operational | Maintenance | 6 |
| MP | Operational | Media Protection | 6 |
| PE | Operational | Physical and Environmental Protection | 19 |
| PS | Operational | Personnel Security | 8 |
| SI | Operational | System and Information Integrity | 13/84 |
| AC | Technical | Access Control | 19 |
| AU | Technical | Audit and Accountability | 14 |
| IA | Technical | Identification and Authentication | 8 |
| SC | Technical | System and Communications Protection | 34/75 |
Access Control
– AC-2 Account Management
– AC-3 Access Enforcement
– AC-4 Information Flow Enforcement
– AC-5 Separation of Duties
– AC-6 Least Privilege
– AC-7 Unsuccessful Login Attempts
– AC-8 System Use Notification
– AC-10 Concurrent Session Control
– AC-11 Session Lock
– AC-14 Permitted Actions without Identification or Authentication
– AC-17 Remote Access
– AC-18 Wireless Access
– AC-19 Access Control for Mobile Devices
– AC-20 Use of External Information Systems
– AC-22 Publicly Accessible Content
800-46 (Telework), 800-77 (IPSec), 800-113 (SSL), 800-114 (External Devices), 800-121 (Bluetooth), 800-48 (Legacy Wireless), 800-94 (IDPS), 800-97 (802.11i Wireless), 800-124 (Cell Phones/PDA)
OMB M 06-16 (Remote Access)
IPSec VPNs
SP 800-77
– Network Layer Security
  – The Need for Network Layer Security
  – Virtual Private Networking (VPN)
    • Gateway-to-Gateway Architecture
    • Host-to-Gateway Architecture
    • Host-to-Host Architecture
– IPsec Fundamentals
  – Authentication Header (AH)
  – Encapsulating Security Payload (ESP)
  – Internet Key Exchange (IKE)
  – IP Payload Compression Protocol (IPComp)
  – Putting It All Together
    • ESP in a Gateway-to-Gateway Architecture
    • ESP and IPComp in a Host-to-Gateway Architecture
    • ESP and AH in a Host-to-Host Architecture
Network Layer Security
– Confidentiality
– Integrity
– Peer Authentication
– Replay Protection
– Traffic Analysis
– Access Control
IPSec VPNs
– Gateway-to-Gateway Architecture
– Host-to-Gateway Architecture
– Host-to-Host Architecture
Gateway-to-Gateway Architecture
Host-to-Gateway Architecture
Host-to-Host Architecture
Model Comparison
IPsec Protocols
– Authentication Header (AH)
– Encapsulating Security Payload (ESP)
– Internet Key Exchange (IKE)
– IP Payload Compression Protocol (IPComp)
SSL VPNs
SP 800-113
– Virtual Private Networking (VPN)
– SSL Portal VPNs
– SSL Tunnel VPNs
– Administering SSL VPNs
– SSL VPN Architecture
SSL VPNs
– SSL Portal VPNs
– SSL Tunnel VPNs
– Administering SSL VPNs
Many of the cryptographic algorithms used in some SSL cipher suites are not FIPS-approved, and therefore are not allowed for use in SSL VPNs that are to be used in applications that must conform to FIPS 140-2.
SSL VPN Architecture
SSL Protocol Basics
– Versions of SSL and TLS
– Cryptography Used in SSL Sessions
– Authentication Used for Identifying SSL Servers
Knowledge Check
What is the protocol used by IPSec that negotiates connection settings, authenticates endpoints to each other, defines the security parameters of IPsec-protected connections, negotiates secret keys, and manages, updates, and deletes IPsec-protected communication channels?
Because AH transport mode cannot alter the original IP header or create a new IP header, transport mode is generally used in which VPN architecture?
Which VPN technologies are approved for use by Federal agencies?
Private Wireless
Public Wireless
Wireless Protocols
Cell Phone Security
Bluetooth Security
Audit & Accountability
– AU-2 Auditable Events
– AU-3 Content of Audit Records
– AU-4 Audit Storage Capacity
– AU-5 Response to Audit Processing Failures
– AU-6 Audit Review, Analysis, and Reporting
– AU-7 Audit Reduction and Report Generation
– AU-8 Time Stamps
– AU-9 Protection of Audit Information
– AU-10 Non-repudiation
– AU-11 Audit Record Retention
– AU-12 Audit Generation
800-92 Log Mgmt
FIPS 180-3 SHA, FIPS 186-3 DSS, FIPS 198-1 HMAC
Log Management
– Log Sources
– Analyze Log Data
– Respond to Identified Events
– Manage Long-Term Log Data Storage
Log Sources
– Log Generation
– Log Storage and Disposal
– Log Security
Analyze Log Data
– Gaining an Understanding of Logs
– Prioritizing Log Entries
– Comparing System-Level and Infrastructure-Level Analysis
– Respond to Identified Events
Manage Long-Term Log Data Storage
– Choose Log Format for Data to be Archived
– Archive the Log Data
– Verify Integrity of Transferred Logs
– Store Media Securely
Integrity Standards
– FIPS 186-3 Digital Signature Standard
– FIPS 180-3 Secure Hash Standard
– FIPS 198-1 The Keyed-Hash Message Authentication Code (HMAC)
Identification & Authentication
– IA-2 Identification and Authentication (Organizational Users)
– IA-3 Device Identification and Authentication
– IA-4 Identifier Management
– IA-5 Authenticator Management
– IA-6 Authenticator Feedback
– IA-7 Cryptographic Module Authentication
– IA-8 Identification and Authentication (Non-Organizational Users)
800-63 (E-auth), 800-73, 800-76, 800-78
FIPS 140-2, FIPS 201, HSPD 12, OMB 04-04 (E-auth), OMB 05-24 (HSPD12)
Crypto, Biometrics, PIV Interfaces
Personal Identity & Verification (PIV)
IA Policy & Standard
– HSPD 12 (Policy)
– FIPS 201-1 (Implementation)
  – PIV-I - Security Requirements
  – PIV-II - Technical Interoperability Requirements (Smartcards)
E-Authentication Guidelines
– Level 1 – No Identity Proofing
– Level 2 – Single-factor Authentication, Identity Proofing Requirements
– Level 3 – Multi-factor Authentication
– Level 4 – Multi-factor using Hard Token
– OMB M-04-04 E-Authentication Guidance for Federal Agencies
System & Communications Protection
– SC-2 Application Partitioning
– SC-3 Security Function Isolation
– SC-4 Information in Shared Resources
– SC-5 Denial of Service Protection
– SC-7 Boundary Protection
– SC-8 Transmission Integrity
– SC-9 Transmission Confidentiality
– SC-10 Network Disconnect
– SC-12 Cryptographic Key Establishment and Management
– SC-13 Use of Cryptography
– SC-14 Public Access Protections
– SC-15 Collaborative Computing Devices
– SC-17 Public Key Infrastructure Certificates
– SC-18 Mobile Code
– SC-19 Voice Over Internet Protocol
– SC-20 Secure Name/Address Resolution Service (Authoritative Source)
– SC-21 Secure Name/Address Resolution Service (Recursive or Caching Resolver)
– SC-22 Architecture and Provisioning for Name/Address Resolution Service
– SC-23 Session Authenticity
– SC-24 Fail in Known State
– SC-28 Protection of Information at Rest
– SC-32 Information System Partitioning
800-32 (PKI), 800-41 (Firewalls), 800-52 (TLS), 800-58 (VoIP), 800-63
FIPS 140-2, FIPS 197, OMB 05-24 (PIV), OMB 08-23 (DNS)
800-77, 800-81 (DNSSEC), 800-95 (Secure Web), 800-113
Firewall Technologies
– Packet Filtering
– Stateful Inspection
– Application Firewalls
– Application-Proxy Gateways
– Dedicated Proxy Servers
– Virtual Private Networking
– Network Access Control
– Unified Threat Management (UTM)
– Web Application Firewalls
– Firewalls for Virtual Infrastructures
Knowledge Check
Name the AES-based wireless encryption mechanism used in the 802.11i wireless specification.
In which security mode are Bluetooth devices considered “promiscuous” and do not employ any mechanisms to prevent other Bluetooth-enabled devices from establishing connections?
Which security control requires that the information system protect against an individual falsely denying having performed a particular action?
Which e-authentication level, described in Special Publication 800-63, requires multifactor authentication and the use of a hard token?
Cryptographic Services
– Data integrity
– Confidentiality
– Identification and authentication
– Non-repudiation
Cryptographic Security Mechanisms
Symmetric Key Encryption
Objective: Confidentiality via Bulk Encryption
The Problem with Symmetric Keys
Asymmetric Key Encryption
Objective: Symmetric Key Exchange/Authentication
Hash Functions
Objective: Data Integrity
Digital Signature
Objective: Non-Repudiation (Authentication + Integrity)
PKI
SP 800-32
– Security Services
– Non-cryptographic Security Mechanisms
– Cryptographic Security Mechanisms
– PKI Components
– PKI Architectures
PKI Components
– Certification Authority (CA)
– Registration Authority (RA)
– Repository
– Archive
– Public Key Certificate
– Certificate Revocation Lists (CRLs)
– PKI Users
TLS
SP 800-52
Mapping The Security Parts of TLS to Federal Standards
Key Establishment
– RSA
– DH (Diffie-Hellman)
– Fortezza-KEA
Confidentiality/Symmetric Key Algorithms
– IDEA
– RC4
– 3DES-EDE
– AES
Signature & Hashes
– RSA
– DSA
– MD5
– SHA1
VoIP
SP 800-58
– Overview of VoIP
– Privacy and Legal Issues with VoIP
– VoIP Security Issues
– Quality of Service Issues
– VoIP Architectures
– Solutions to the VoIPsec Issues
Overview of VoIP
Public Facing Web Server
DNS Transaction Threats & Security Objectives
Technical Security Controls Key Concepts & Vocabulary
AC – Access Control
AU – Auditing & Accountability
IA – Identification & Authentication
SC – System & Communication Protection