CSE 4380 Chapter 4

¡Supera tus tareas y exámenes ahora con Quizwiz!

Controls access based on the identity of the requestor and on access rules A.) Discretionary Access Control B.) Mandatory Access Control C.)Role Based Access Control D.)Attribute Acces Control

A.) Discretionary Access Control

The basic elements of access control are: A.) subject, object, and access right B.) user, resource, security level C.) system, control, network D.) administration, user, security level

A.) subject, object, and access right

The ____________ component deals with the management and control of the ways entities are granted access to resources. A.)access management B.)Access control C.)access matrix D.)access control list

A.)access management

_______represent the authorized behavior of a subject; they are defined by an authority and embodied in a policy. A.)authorizations B.) audtis C.) Assessors D.) Subjects

A.)authorizations

This is an access matrix that is decomposed by rows. A.)capability ticket B.)Access control C.)access matrix D.)access control list

A.)capability ticket

An ______ is a resource to which access is controlled A.)object B.)resource C.) Subject D.) Access Right

A.)object

Controls access based on comparing security labels (which indicate how sensitive or critical system resources are) with security clearances A.) Discretionary Access Control B.) Mandatory Access Control C.)Role Based Access Control D.)Attribute Acces Control

B.) Mandatory Access Control

Basic access control systems typically define three classes of subjects: A.) Owner, root, System B.) Owner, Group, World C.) Owner, root, group D.)root, user, group

B.) Owner, Group, World

The least amount of access is granted to users who are able to access the system but are not included in the categories owner and group for this resource. A.) Object B.) World C.) Group D.)Owner

B.) World

One dimension consists of individual users or user groups, the other dimension lists the objects that may be accessed. A.) access control block B.) access matrix C.) access control list D.)capability ticket

B.) access matrix

These four policies are not _____. An access control mechanism can employ two or even all three of these policies to cover different classes of system resources. A.) mutually acceptable B.) mutually exclusive C.) relevant D.) mutually bonded

B.) mutually exclusive

defines _________ as the process of granting or denying specific requests to: (1) obtain and use information and related information processing services; and (2) enter specific physical facilities. A.)access management B.)Access control C.)access matrix D.)access right

B.)Access control

_______is an online Internet-scale gateway for identity service providers and relying parties to efficiently access user asserted, permissioned, and verified online identity attributes in high volumes at affordable costs. A.)Information Card Foundation B.)Attribute Exchange Network C.)Open Identity Exchange D.)Open Identity Trust Framework

B.)Attribute Exchange Network

These entities may be called on to check that parties' practices have been in line with what was agreed A.) Relying Parties B.)Auditors C.)Assessors D.)Subjects

B.)Auditors

The granting of a right or permission to a system entity to access a system resource. A.) Examination B.)Authorization C.)Audit D.) Authentication

B.)Authorization

An _______, which can be embodied in an authorization database,dictates what types of access are permitted, under what circumstances, and by whom. A.) default control policy B.)access control policy C.) system access policy D.) general security policy

B.)access control policy

An __________ describes the way in which a subject may access an object. A.)access management B.)access right C.)access matrix D.)access control list

B.)access right

In addition to the privileges assigned to an owner, a named _______ of users may also be granted access rights A.) Object B.) World C.) Group D.)Owner

C.) Group

A _________ is an entity capable of accessing objects. A.)object B.)resource C.) Subject D.) Access Right

C.) Subject

For each object, an _______ lists users and their permitted access rights it may also contain default or public entries. A.) access control block B.) access matrix C.) access control list D.)capability ticket

C.) access control list

______evaluate identity service providers and RPs and certify that they are capable of following the OITF provider's blueprint. A.) Relying Parties B.)Auditors C.)Assessors D.)Subjects

C.)Assessors

An independent review and examination of system records and activities A.) Examination B.)Authorization C.)Audit D.) Authentication

C.)Audit

This model assumes a set of subjects, a set of objects, and a set of rules that govern the access of subjects to objects. A.)Security Access Control B.)Mandatory Access Control C.)Direct Access Control D.)Role Based Access

C.)Direct Access Control

All types of UNIX files are administered by the operating system by means of______ it is a control structure that contains the key information needed by the operating system for a particular file. A.)Control Node B.)service Node C.)INode D.) registry

C.)INode

Access rights could include the following: A.) Read, Write, Execute, Delete, Copy B.)Read, Write, Execute, Delete, Transfer C.)Read, Write, Execute, Delete, Search D.)Read, Write, Execute, Delete, Post

C.)Read, Write, Execute, Delete, Search

Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles. A.) Discretionary Access Control B.) Mandatory Access Control C.)Role Based Access Control D.)Attribute Acces Control

C.)Role Based Access Control

A general approach to Access Control, as exercised by an operating system or a database management system, is that of an __________. A.)access management B.)access right C.)access matrix D.)access control list

C.)access matrix

Verification that the credentials of a user or other system entity are valid. A.) Examination B.)Authorization C.)Audit D.) Authentication

D.) Authentication

Controls access based on attributes of the user, the resource to be accessed, and current environmental conditions. A.)Role-based access control B.)Discretionary access control C.)Mandatory access control D.)Attribute-based access control

D.)Attribute-based access control

This may be the creator of a resource, such as a file A.) Object B.) World C.) Group D.)Owner

D.)Owner

An access control matrix may be decomposed by columns, yielding _____ A.)access management B.)Access control C.)access matrix D.)access control list

D.)access control list

__________ specifies authorized objects and operations for a particular user A.) access control block B.) access matrix C.) access control list D.)capability ticket

CSE 4380 Chapter 4

Conjuntos de estudio relacionados

PSY4220 Week 2: Ethical dilemmas and decision making

Primerica - Unit 5 Annuities

T&M: Thumb, Finger, Wrist ROM - Exam 2

4 Classify the compound by name

Pharm 2019 A

Cell Membranes/Transport

MADM 427 Chapter 02

Combo with "BRSIS..." and 27 others

all answers for roblox gibberish game

PMP_Exam Prep_Test 01

chapter 23: management of patients with coronary vascular disorders

Spanish Grammar Formulas

F300 Exam 1

Pregnancy, Labor, Childbirth, Postpartum - At Risk (Level 1)

Psychological Disorders (DSM V) A.P. Psychology

Human Anatomy & Physiology 2 (Cardiovascular System)

AP Gov Unit 3

ARE 5.0 - CE

Ch. 13-15

Unit 2 (Quiz 2)