CompTIA Security+ Chapter 10 RQ
What would you use to control the traffic that is allowed in or out of a network?
A. Access control lists
When using the mandatory access control model, what component is needed?
A. Labels
Your organization has enacted a policy where employees are required to create passwords with at least 15 characters. What type of policy does this define?
A. Password length
A company has a high attrition rate. What should you ask the network administrator to do first?
A. Review user permissions and access control lists
In an environment where administrators, the accounting department, and the marketing department all have different levels of access, which of the following access control models is being used?
A. Role-based access control (RBAC)
Which of the following access control methods uses rules to govern whether object access will be allowed?
A. Rule-based access control
In a discretionary access control model, who is in charge of setting permissions to a resource?
A. The owner of the resource
Which of these is a security component of Windows?
A. UAC
Which of the following is the most common authentication model?
A. Username and password
Robert needs to access a resource. In the DAC model, what is used to identify him or other users?
B. ACLs
In the DAC model, how are permissions identified?
B. Access control lists
A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following would best describe this level of access control?
B. Mandatory access control
You are consulting for a small organization that relies on employees who work from home and on the road. A hacker has compromised the network by denying remote access to the company using a script. Which of the following security controls did the hacker exploit?
C. Account lockout
What key combination helps to secure the logon process?
C. Crl+Alt+Del
In an attempt to detect fraud and defend against it, your company cross-trains people in each department. What is this an example of?
C. Job rotation
Users are required to change their passwords every 30 days. Which policy should be configured?
C. Password expiration
Which of the following methods could identify when an unauthorized access has occurred?
C. Previous logon notification
Jason needs to add several users to a group. Which of the following will help him to get the job done faster?
C. Template
Which of the following is the strongest password?
C. ThisIsV#ryS3cure
You want to mitigate the possibility of privilege creep among your long-term users. What procedure should you employ?
C. User permission reviews
Which of the following would lower the level of password security?
D. Complex passwords that users cannot change and are randomly generated by the administrator
You administer a bulletin board system for a rock and roll and. While reviewing logs for the board, you see one particular IP address posting spam multiple times per day. What is the best way to prevent this type of problem?
D. Implement CAPTCHA
Of the following access control models, which uses object labels?
D. Mandatory access control
Which of the following statements regarding the MAC model is true?
D. Mandatory access control users cannot share resources dynamically
Which security measure should be included when implementing access control?
D. Password complexity requirements
How are permissions defined in the mandatory access control model?
D. Predefined access privileges
What is a definition of implicit deny?
D. Resources that are not given access are denied by default
Which of the following access control models would be found in a firewall?
D. Rule-based access control
Which password management system best provides for a system with a large number of users?
D. Self-service password reset management system
Your company has 1000 users. Which of the following password management systems will work best for you company?
D. Self-service password resetting