Chapter 3
Linux stores passwords in the _____ file in encrypted format.
/etc/passwd
In a lattice-based access control, the column of attributes associated with a particular object is referred to as a(n) ______.
Access control list (ACL)
Documenting the activities of the authorized individual and systems.
Accountability
Physical attributes are an example of something you ____ that can be used to verify identity.
Are
______ use(s) a challenge-response system.
Asynchronous tokens
Confirming the identity of the entity seeking access to a logical or physical area
Authentication
_____ is the act of confirming the identity of a potential user.
Authentication
Determining which actions an entity can perform in that physical or logical area.
Authorization
_____ authentication is most commonly set up as a form of auditing and occurs when a system records the activities of each user and writes details about each activity to a log file.
Centralized
Public-Key Infrastructure (PKI) must be used for ____ authentication.
Certificate-based
With ____ authentication, the firewall enables the authenticated user to access the desired resources for a specific period of time.
Client
In _____, access to a specific set of information is dependent on the information's content.
Content-dependent
_____ access controls remedy a circumstance or mitigate the damage caused during an incident.
Corrective
Implemented at the discretion of the data user
Discretionary access controls
Access controls are defined only using technology.
False
RADIUS works with Network Address Translation (NAT).
False
A simple data classification scheme can allow an organization to protect sensitive information, such as marketing or research data, personnel data, customer data, and general internal communications. Which of the following categories would most likely be used for internal phone lists?
For Official Use Only
Obtaining the identity of the entity requesting access to a logical or physical area.
Identification
The ____ authentication server is also known as a Key Distribution Center (KDC).
Kerberos
A PIN is an example of something you _____.
Know
Principle by which employees are provided access to the minimal amount of information for the least duration of time necessary to perform their duties.
Least privilege
Lattice-based access control is a variation of ______ access control.
Mandatory
The principle limits individuals' information access to what is required to perform their jobs.
Need to know
____ is most frequently associated with data classification schemes.
Need to know
Role-based access controls are a type of _____ access controls.
Nondiscretionary
Determined by a central authority in the organization.
Nondiscretionary access controls
____ access controls help the organization avoid an incident.
Preventive
You might have to use TACACS+ or _____ if your firewall doesn't support authentication.
RADIUS
In _____-based access controls, access is granted based on a set of rules specified by a central authority.
Rule
This principle increases the security of information and other assets by requiring that more than one individual be responsible for a particular information asset, process, or task.
Separation of duties
_____ reduces the chance of an individual violating information security by increasing the scrutiny on any one user.
Separation of duties
Client authentication or _____ authentication should be used when only a single user is coming from a single IP address.
Session
The _____ password system, which is a feature of the Linux operating system that enables the secure storage of passwords, stores them in another file that has restricted access.
Shadow
To configure client authentication, you need to set up one of two types of authentication systems: _____ and ______.
Standard sign-on and specific sign-on
______ IP address mappings work best because some TACACS+ systems use the source IP address to create the encryption key.
Static
For most information, the U.S. military uses a classification scheme with _____ as the uppermost tier.
Top secret
IEEE 802.1x is one of the fastest growing standards being used in enterprise networks today.
True
Most organizations do not need the detailed level of classification used by the military or federal agencies.
True
Some firewalls use authentication to give employees access to common resources.
True
______ authentication can enable employees who work remotely or who are traveling to access your internal servers.
User