lesson 5
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?
Accountability
Which security model does NOT protect the integrity of information?
Bell-LaPadula
What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?
Security Assertion Markup Language (SAML)
During which phase of the access control process does the system answer the question, "What can the requestor access?"
Authorization
Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?
Discretionary access control (DAC)
DIAMETER is a research and development project funded by the European Commission.
false
Passphrases are less secure than passwords
false
Temporal isolation is commonly used in combination with rule-based access control.
false
Terminal Access Controller Access Control System Plus (TACACS+) is an authentication server that uses client and user configuration files.
false
The four central components of access control are users, resources, actions, and features.
false
Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?
Crossover error rate (CER)
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of duties
The number of failed logon attempts that trigger an account action is called an audit logon event.
false
User-based permission levels limit a person to executing certain functions and often enforces mutual exclusivity.
false
The _____________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.
security kernel
What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?
Kerberos
Which of the following is an example of a hardware security control?
MAC Filtering
Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?
Redundant Array of Independent Disks (RAID)
Which one of the following is an example of two-factor authentication?
Smart card and personal identification number (PIN)
Which one of the following principles is NOT a component of the Biba integrity model?
Subjects cannot change objects that have a lower integrity level