IS Quiz 11

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What would you use to control the traffic that is allowed in or out of a network? A) Access control lists B) Firewall C) Address Resolution Protocol D) Discretionary access control

A) Access control lists

When using the mandatory access control model, what component is needed? A) Labels B) Certificates C) Tokens D) RBAC

A) Labels Are required in the mandatory access control (MAC) model

Your organization has enacted a policy where employees are required to create passwords with at least 15 characters. What type of policy does this define? A) Password length B) Password expiration C) Minimum password age D) Password complexity

A) Password length

A company has a high attrition rate. What should you ask the network administrator to do first? A) Review user permissions and access control lists B) Review group policies C) Review Performance logs D) Review the Application log

A) Review user permissions and access control lists

In an environment where administrators, the accounting department, and the marketing department all have different levels of access, which of the following access control models is being used? A) Role-based access control (RBAC) B) Mandatory access control (MAC) C) Discretionary access control (DAC) D) Rule-based access control (RBAC)

A) Role-based access control (RBAC)

Which of the following access control methods uses rules to govern whether object access will be allowed? (Select the best answer.) A) Rule-based access control B) Role-based access control C) Discretionary access control D) Mandatory access control E) Attribute-based access control

A) Rule-based access control

In a discretionary access control model, who is in charge of setting permissions to a resource? A) The owner of the resource B) The administrator C) Any user of the computer D) The administrator and the owner

A) The owner of the resource

Which of these is a security component of Windows? A) UAC B) UPS C) Gadgets D) Control Panel

A) UAC User Account Control (UAC) adds a layer of security to Windows that protects against malware and user error and conserves resources

Which of the following is the most common authentication model? A) Username and password B) Biometrics C) Key cards D) Tokens

A) Username and password

Robert needs to access a resource. In the DAC model, what is used to identify him or other users? A) Roles B) ACLs C) MAC D) Rules

B) ACLs

In the DAC model, how are permissions identified? A) Role membership B) Access control lists C) They are predefined D) It is automatic

B) Access control lists

A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following would best describe this level of access control? A) Least privilege B) Mandatory access control C) Role-based access control D) Implicit deny

B) Mandatory access control

You are consulting for a small organization that relies on employees who work from home and on the road. A hacker has compromised the network by denying remote access to the company using a script. Which of the following security controls did the hacker exploit? A) Password complexity B) DoS C) Account lockout D) Password length

C) Account lockout

What key combination helps to secure the logon process? A) Windows+R B) Ctrl+Shift+Esc C) Ctrl+Alt+Del D) Alt+F4

C) Ctrl+Alt+Del

In an attempt to detect fraud and defend against it, your company cross-trains people in each department. What is this an example of? A) Separation of duties B) Chain of custody C) Job rotation D) Least privilege

C) Job rotation

Users are required to change their passwords every 30 days. Which policy should be configured? A) Password length B) Password recovery C) Password expiration D) Account lockout

C) Password expiration

Which of the following methods could identify when an unauthorized access has occurred? A) Two-factor authentication B) Session termination C) Previous logon notification D) Session lock

C) Previous logon notification

Jason needs to add several users to a group. Which of the following will help him to get the job done faster? A) Propagation B) Inheritance C) Template D) Access control lists

C) Template By using a template, you can add many users to a group at once simply by applying the template to the users

Which of the following is the strongest password? A) |ocrian# B) Marqu1sD3S0d C) This1sV#ryS3cure D) Thisisverysecure

C) ThisIsV#ryS3cure

You want to mitigate the possibility of privilege creep among your long-term users. What procedure should you employ? A) Mandatory vacations B) Job rotation C) User permission reviews D) Separation of duties

C) User permission reviews

Which of the following would lower the level of password security? A) After a set number of failed attempts, the server will lock the user out, forcing her to call the administrator to re-enable her account B) Passwords must be greater than eight characters and contain at least one special character C) All passwords are set to expire after 30 days D) Complex passwords that users cannot change are randomly generated by the administrator

D) Complex passwords that users cannot change and are randomly generated by the administrator

You administer a bulletin board system for a rock and roll and. While reviewing logs for the board, you see one particular IP address posting spam multiple times per day. What is the best way to prevent this type of problem? A) Block the IP address of the user B) Ban the user C) Disable ActiveX D) Implement CAPTCHA

D) Implement CAPTCHA By implementing CAPTCHA, another level of security is added that users have to complete before they can register to and/or post to a bulletin board

Of the following access control models, which uses object labels? (Select the best answer.) A) Discretionary access control B) Role-based access control C) Rule-based access control D) Mandatory access control E) Attribute-based access control

D) Mandatory access control

Which of the following statements regarding the MAC model is true? A) Mandatory access control is a dynamic model B) Mandatory access control enables an owner to establish access privileges to a resource C) Mandatory access control is not restrictive D) Mandatory access control users cannot share resources dynamically

D) Mandatory access control users cannot share resources dynamically

Which security measure should be included when implementing access control? A) Disabling SSID broadcast B) Time-of-day restrictions C) Changing default passwords D) Password complexity requirements

D) Password complexity requirements

How are permissions defined in the mandatory access control model? A) Access control lists B) User roles C) Defined by the user D) Predefined access privileges

D) Predefined access privileges

What is a definition of implicit deny? A) Everything is denied by default B) All traffic from one network to another is denied C) ACLs are used to secure the firewall D) Resources that are not given access are denied by default

D) Resources that are not given access are denied by default

Which of the following access control models would be found in a firewall? A) Mandatory access control B) Discretionary access control C) Role-based access control D) Rule-based access control

D) Rule-based access control

Which password management system best provides for a system with a large number of users? A) Locally saved passwords management system B) Synchronized passwords management system C) Multiple access methods management system D) Self-service password reset management system

D) Self-service password reset management system

Your company has 1000 users. Which of the following password management systems will work best for you company? A) Multiple access methods B) Synchronize passwords C) Historical passwords D) Self-service password resetting

D) Self-service password resetting


Ensembles d'études connexes

Module 3.3: Skewness,Kurtosis and Position

View Set

Chapter 16Lesson 3: Health Concerns and Issues

View Set