Page 274 - CISSO Prep Guide
• Authentication: proof of the assertion.
• Authorization: what a user can do.
• Accounting: logging.
• Data remanence = data remains even after it is deleted (i.e., what is left on the drive after deletion).
• Security domain = group of subjects that share similar privileges or management controls.
• Capability tables = authorization table.
Control Categories
Tip: Identify which controls are applied before the fact (e.g., deterrent) and which are applied afterward (e.g., corrective). When reading a question, determine whether it is asking about a before-the-fact or an after-the-fact control and then choose the answer accordingly.
• Deterrent: discourage an incident
  • Administrative: policy.
  • Technical: warning banner.
  • Physical: "beware of dog" sign.
• Preventative: avoid an incident
  • Administrative: user registration procedure.
  • Technical: password-based login, IPS.
  • Physical: fence.
• Detective: identify an incident
  • Administrative: review violation reports.
  • Technical: logs, IDS.