CBK#1 Access Control Systems & Methodology - Page 8

CBK#1 Access Control System & Method. - Page 1 2 3 4 5 6 7 8

Access Control Monitoring
IDS / Intrusion detection:
Network-based - Monitors a network or a segment of the network.
Host-based - Monitors a particular system.
Knowledge-based / signature-based - Models of how the attacks are carried out are developed.
Behaviour-based / Statistical - Observes and detects deviation from expected behaviour of users and systems.
  TIM / Time-based induction machine - Performs real-time anomaly detection.
Honeypot - A "fake" system that is not locked down and has open ports and services enabled within the network.
Network sniffer - A type of wiretap that plugs into a network for the purpose of eavesdropping on network traffic.

Threats to Access Control
Dictionary Attack:
A program that enables an attacker to identify user credentials. The program is fed lists of commonly used words or combinations of characters and applies these values to a logon prompt.
Brute Force Attack:
An attack that continually tries different inputs to achieve a predefined goal. Brute force attacks are also used in wardialing efforts.
Spoofing at Login:
A program that presents a fake login screen to obtain user credentials.


CISSP Summary 2002

Contact:

E-mail: john.wallhoff@mailbox.swipnet.se
Written by: J.Wallhoff January - April 2002
Updated by: J.Wallhoff April 2002