From the course: CISSP Cert Prep (2021): 5 Identity and Access Management
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Advanced authorization concepts
From the course: CISSP Cert Prep (2021): 5 Identity and Access Management
Advanced authorization concepts
- [Instructor] The implicit deny principle, otherwise known as "default deny," is one of the foundational principles of access control systems. This principle says that anything that is not explicitly allowed should be denied. If a computer doesn't have explicit instructions on how to handle a situation, it should default to denying access. Firewalls are the most common example of the default deny principle in action. When a firewall receives a connection request, it first consults its rules to determine whether a rule explicitly addresses the situation. If the firewall finds a matching rule, it carries out the action in that rule. If the firewall doesn't have explicit guidance on handling the request, it blocks that connection request. Now, the default deny principle is a very important security concept, especially when it relates to firewall configurations. You should be very familiar with this idea when you take the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.