January 18, 2012

1.2.10 Implicit Deny

Implicit deny refers to the security principle of starting a user out with no access rights and granting permissions to resources as required. It requires that all access is denied by default and access permissions are granted to specific resources only when required.

An implicit deny clause is implied at the end of each ACL, and it means that if the proviso in question has not been explicitly granted, then it is denied.

References:
  • CompTIA Security+ Study Guide: Exam SY0-301, Fifth Edition by Emmett Dulaney
  • CompTIA Security+ Review Guide: Exam SY0-301, Second Edition by James M. Stewart

No comments:

Post a Comment