4.1.6 Practice
Which access control model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject? Role-based access control (RBAC) Mandatory access control (MAC) Rule-based access control Attribute-based access control (ABAC)
Attribute-based access control (ABAC)
You have a system that allows the owner of a file to identify users and their permissions to the file. Which type of access control model is implemented? Role-based access control (RBAC) Mandatory access control (MAC) Rule-based access control Correct Answer: Attribute-based access control (ABAC)
Attribute-based access control (ABAC)
You want to implement an access control list in which only the users you specifically authorize have access to the resource. Anyone not on the list should be prevented from having access. Which of the following methods of access control should the access list use? Explicit allow, explicit deny Implicit allow, implicit deny Implicit allow, explicit deny Explicit allow, implicit deny
Explicit allow, implicit deny
After implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the chief information security officer (CISO) is assessing the company's security posture to identify deficiencies from the framework's recommendations. What process can the CISO run to get a better sense of what the company needs to improve upon? Penetration test Implement disaster recovery plan Gap analysis Implement business continuity plan
Gap analysis
Which of the following principles is implemented in a mandatory access control model to determine object access by classification level? Separation of duties Clearance Ownership Principle of least privilege Need to know
Need to know
You are a cybersecurity expert implementing a zero trust model in a large organization. You are tasked with designing the control and data planes. Which of the following strategies should you prioritize and why?
Neither, focus on the application plane to ensure that applications are secure and function properly. Prioritize the data plane to ensure that data traffic flows securely and efficiently across the network. Focus on the control plane to ensure that all network devices are properly configured and managed. Correct Answer: Balance your focus between the control and data planes, ensuring both are optimized for security and efficiency.
You have implemented an access control method that only allows users who are managers to access specific data. Which type of access control model is being used? Discretionary access control (DAC) Mandatory access control (MAC) Discretionary access control list (DACL) Role-based access control (RBAC)
Role-based access control (RBAC)
A corporation's IT department is integrating a new framework that permits, ascertains, and applies various resources in accordance with established company policies. Which principle should the department incorporate? Policy-driven access control Zero trust AAA Authorization models
Policy-driven access control
What is the primary purpose of separation of duties? Grant a greater range of control to senior management. Increase the difficulty of performing administrative duties. Prevent conflicts of interest. Inform managers that they are not trusted.
Prevent conflicts of interest.
Which of the following is an example of rule-based access control? A computer file owner who grants access to the file by adding other users to an access control list. A subject with a government clearance that allows access to government classification labels of Confidential, Secret, and Top Secret. A member of the accounting team that is given access to the accounting department documents. Router access control lists that allow or deny traffic based on the characteristics of an IP packet.
Router access control lists that allow or deny traffic based on the characteristics of an IP packet.
