Computer Security Chapter 4

Subject attributes, object attributes and environment attributes are the three types of attributes in the __________ model.

ABAC

__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

Access control

__________ is verification that the credentials of a user or other system entity are valid.

Authentication

_________ is the granting of a right or permission to a system entity to access a system resource.

Authorization

__________ refers to setting a maximum number with respect to roles.

Cardinality

__________ provide a means of adapting RBAC to the specifics of administrative and security policies in an organization.

Constraints

__________ is the traditional method of implementing access control.

DAC

T or F? A user program executes in a kernel mode in which certain areas of memory are protected from the user's use and certain instructions may not be executed.

False

T or F? External devices such as firewalls cannot provide access control services.

False

T or F? Security labels indicate which system entities are eligible to access certain resources.

False

T or F? The authentication function determines who is trusted for a given purpose.

False

T or F? Traditional RBAC systems define the access rights of individual users and groups of users.

False

__________ controls access based on comparing security labels with security clearances

MAC

__________ is based on the roles the users assume in a system rather than the user's identity.

RBAC

T or F? A constraint is defined relationship among roles or a condition related to roles.

True

T or F? A user may belong to multiple groups.

True

T or F? Access control is the central element of computer security.

True

T or F? An ABAC model can define authorizations that express conditions on properties of both the resource and the subject.

True

T or F? An access right describes the way in which a subject may access an object.

True

T or F? An auditing function monitors and keeps a record of user accesses to system resources.

True

T or F? Any program that is owned by, and SetUID to, the "superuser" potentially grants unrestricted access to the system to any user executing that program.

True

T or F? Reliable input is an access control requirement.

True

T or F? The default set of rights should always follow the rule of least privilege or read-only access.

True

T or F? The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner.

True

The __________ component deals with the management and control of the ways entities are granted access to resources.

access management

The three types of attributes in the ABAC model are subject attributes, object attributes, and ___________ attributes.

environment

A concept that evolved out of requirements for military information security is ______

mandatory access control

A(n) __________ is a resource to which access is controlled.

object

The basic elements of access control are: subject, __________, and access right.

object

A __________ is a named job function within the organization that controls this computer system.

role

A __________ is an entity capable of accessing objects.

subject