Chapter 3: Access Control - Access Control Practices

These practices insure that the the level of access control that you have set stays at the same level as originally designed. You should be careful when reusing an object. All old info that is stored on an object should be deleted before the object is used to assess new subjects. This ensures that info is not disclosed to individuals and systems that should not have access to the old subject data. TEMPEST is a standard that suppresses electrical signals that devices emit to prevent others from having access to these signals. This tech is expensive, so it is usually only used in highly sensitive areas. Intrusion detection is a practice used to mitigate hacks. If the IDS suspects something, it notifies the proper parties immediately. There are three types of IDS. Signature-based, Anomaly-based, and Rule-based.