6.1 Quiz
Audit trails produced by auditing activities are which type of security control?
Detective Audit trails produced by auditing activities are a detective security control. Audit trails are used to detect the occurrence of unwanted or illegal actions by users. Audit trails give administrators the ability to reconstruct historical events and locate aberrant activities. Once an issue is discovered in an audit trail, the collected information can be used to guide the corrective or recovery procedure to restore resources, prevent re-occurrence, and prosecute the perpetrator.
You have implemented an access control method that only allows users who are managers to access specific data. Which type of access control model is being used?
RBAC Role-based access control (RBAC) allows access based on a role in an organization, not individual users. Roles are defined based on job description or a security-access level. Users are made members of a role and receive the permissions assigned to the role.
Which access control model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject?
Attribute-Based Access Control (ABAC) The ABAC model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject.
A remote access user needs to gain access to resources on the server. Which of the following processes are performed by the remote access server to control access to resources?
Authentication and authorization A remote access server performs the following functions: - Authentication is the process of proving identity. After devices agree on the authentication protocol to use, the login credentials are exchanged and login is allowed or denied. - Authorization is the process of identifying the resources that a user can access over the remote access connection. Authorization is controlled through the use of network policies (remote access policies) as well as access control lists.
Which of the following principles is implemented in a mandatory access control model to determine object access by classification level?
Need to Know Need to Know is used with mandatory access control environments to implement granular control over access to segmented and classified data.
What is the primary purpose of separation of duties?
Prevent conflicts of interest The primary purpose of separation of duties is to prevent conflicts of interest by dividing administrative powers between several trusted administrators. This prevents a single person from having all of the privileges over an environment, which would create a primary target for attack and a single point of failure.
You assign access permissions so that users can only access the resources required to accomplish their specific work tasks. Which security principle are you complying with?
Principle of least privilege The principle of least privilege is the assignment of access permissions so that users can only access the resources required to accomplish their specific work tasks.
Which of the following is an example of privilege escalation?
Privilege creep Privilege creep occurs when a user's job position changes and he or she is granted a new set of access privileges for their new work tasks, but their previous access privileges are not removed. As a result, the user accumulates privileges over time that are not necessary for their current work tasks. This is a form of privilege escalation.
Which of the following is an example of rule-based access control?
Router access control lists that allow or deny traffic based on the characteristics of an IP packet. A router access control list that allows or denies traffic based on the characteristics of an IP packet is an example of rule-based access control.
Which of the following is used for identification?
Username Identification is the initial process of confirming the identity of a user requesting credentials and occurs when a users types in a user ID to log on. The username is used for identification, while a password, PIN, or some other cognitive information is used for authentication.
