Chapter 2
Your organization is planning to implement remote access capabilities. Management wants strong authentication and wants to ensure that passwords expire after a predefined time interval. Which of the following choices BEST meets this requirement?
A Time-based One- Time password (TOTP)
Members of a project team chose to meet at a local library to complete some work from home using a VPN connection and have connected from home successfully. However, they found that they were unable to connect to the network using the VPN from the library and they could not access any of the project data. Which of the following choices is the MOST likely reason why they can't access this data?
A location-based policy restricts access based on location.
Your organization is implementing an SDN. Management wants to use an access control model that controls access based on attributes. Which of the following is the BEST solution?
ABAC
You need to create an account for a contractor who will be working at your company for 60 days. Which of the following is the BEST security step to take when creating this account?
Configure expiration dates
Ned is reviewing password security for employees of TheLeftorium. The Password policy has the following settings: -The maximum age is 30 days. -The minimum length is 14 characters. -Passwords cannot be reused until five other passwords have been used. -Password must include at least one of each of the following four character types: uppercase letters, lowercase letters, numbers, special characters. Ned discovers that despite having this password policy in place, users are still using the same password that they were using more than a month ago. Which of the following actions will resolve this issue?
Create a rule in the password policy for the password minimum age.
A recent security audit discovered several apparently dormant user accounts. Although users could long on to the accounts, no one had logged on to them for more than 60 days. You later discovered that these accounts are for contractors who work approximately one week every quarter. Which of the following is the BEST response to this situation?
Disable the accounts and then enable them when needed by the contractors.
A network includes a ticket-granting ticket server used for authentication. Which authentication service does this network use?
Kerberos
Lisa is a training instructor and she maintains a training lab with 18 computers. She has enough rights and permissions on these machines so that she can configure them as needed for classes. However, she does not have the rights to add them to the organization's domain. Which of the following choices BEST describes this example?
Least privilege
A security administrator needs to implement an access control system that will protect data based on the following matrix. (See book: Chp2 Q14) Which of the following models is the administrator implementing?
MAC model
Your organization recently updated an online application employees use to log on when working from home. Employees enter their username and password into the application from their smartphone and the application logs their location using GPS. Which type of authentication is being used?
One-factor authentication
Marge is reviewing an organization's account management processes. She wants to ensure that security log entries accurately report the identity of personnel taking specific actions. Which of the following steps would BEST meet this requirement?
Remove all shared accounts
A company recently hired you as a security administrator. You notice that some former accounts used by temporary employees are currently enabled. Which of the following choices is the BEST response?
Run a last logon script
Developers in your organization have created an application designed for the sales team. Salespeople can log on to the application using a simple password of 1234. However, this password does not meet the organization's password policy. Which of the following is the BEST response by the security administrator after after learning about this?
The application should be re-coded to adhere to the company's password policy, so the best response is to direct the application team manager to do so.
Your organization has decided to implement a biometric solution for authentication. One of the goals is to ensure that the biometric system is highly accurate. Which of the following provides the BEST indication of accuracy with the biometric system?
lower crossover error rate (CER)
Developers are planning to develop an application using role-based access control. Which of the following would they MOST likely include in their planning?
role-BAC model
