ITM 350 Quiz 5

During which phase of the access control process does the system answer the question, "What can the requestor access?"

Authorization

Which security model does NOT protect the integrity of information?

Bell-La Padula

Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?

Discretionary access control (DAC)

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?

Kerberos

Which of the following is NOT a benefit of cloud computing to organizations?

Lower dependence on outside vendors

Which type of authentication includes smart cards?

Ownership

Which one of the following is an example of a logical access control?

Password

Which one of the following is an example of two-factor authentication?

Smart card and personal identification number (PIN)(Something you own, something you know)

Which one of the following principles is NOT a component of the Biba integrity model?

Subjects cannot change objects that have a lower integrity level.

The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.

security kernel