TestOut Section 4

Ace your homework & exams now with Quizwiz!

Which access control model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject?

Attribute-based access control (ABAC)

What is the process of controlling access to resources such as computers, files, or printers called?

Authorization

You want to ensure that all users in the Development OU have a common set of network communication security settings applied. Which action should you take?

Create a GPO computer policy for the computers in the Development OU.

Listen to exam instructions You manage an Active Directory domain. All users in the domain have a standard set of internet options configured by a GPO linked to the domain, but you want users in the Administrators OU to have a different set of internet options. What should you do?

Create a GPO user policy for the Administrators OU.

You have a system that allows the owner of a file to identify users and their permissions to the file. Which type of access control model is implemented?

Discretionary access control (DAC)

Which of the following is the correct acronym to remember the order in which Group Policy Objects (GPOs) are applied?

LSDOU

Group Policy Objects (GPOs) are applied in which of the following orders?

Local Group Policy, GPO linked to site, GPO linked to domain, GPO linked to organizational unit (highest to lowest).

Which of the following is the MOST common form of authentication?

Password

You have implemented an access control method that only allows users who are managers to access specific data. Which type of access control model is being used?

Role-based access control (RBAC)

Which of the following are examples of something you have authentication controls? (Select two.)

Smart Card Phot ID

Which of the following BEST describes the domain controller component of Active Directory?

A domain controller is a server that holds a copy of the Active Directory database that can be written to and is responsible for copying changes to Active Directory between the domain controllers.

Which of the following terms describes the component that is generated following authentication and is used to gain access to resources following login?

Access Token

What is the name of the service included with the Windows Server operating system that manages a centralized database containing user account and security information?

Active Directory

You are a cybersecurity expert implementing a zero trust model in a large organization. You are tasked with designing the control and data planes. Which of the following strategies should you prioritize and why?

Balance your focus between the control and data planes, ensuring both are optimized for security and efficiency.

A large multinational corporation has multiple domains that share the same contiguous DNS namespaces, as well as domains with different DNS namespaces. The IT department is tasked with organizing these domains Which of the following options best describes how the domains should be grouped?

Domains with the same contiguous DNS namespaces should be grouped into a tree, and all trees should be grouped into a forest.

You want to implement an access control list in which only the users you specifically authorize have access to the resource. Anyone not on the list should be prevented from having access. Which of the following methods of access control should the access list use?

Explicit allow, implicit deny

After implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the chief information security officer (CISO) is assessing the company's security posture to identify deficiencies from the framework's recommendations. What process can the CISO run to get a better sense of what the company needs to improve upon?

Gap analysis

Which of the following statements correctly describe the characteristics of generic containers in Active Directory? (Select two.)

Generic containers are created by default. Generic containers are used to organize Active Directory objects.

Which of the following objects identifies a set of users with similar access needs?

Group

Marcus White has just been promoted to a manager. To give him access to the files that he needs, you make his user account a member of the Managers group, which has access to a special shared folder. Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Managers group. What should you do?

Have Marcus log off and log back in.

Which of the following principles is implemented in a mandatory access control model to determine object access by classification level?

Need to know

Match each Active Directory term on the left with its corresponding definition on the right.

Organizational Unit - Logical organization of resources Domain - Collection of network resources Forest - Collection of related domain trees Object - Network resource in the directory Tree - Group of related domains

Which of the following identifies the type of access that is allowed or denied for an object?

Permissions

A corporation's IT department is integrating a new framework that permits, ascertains, and applies various resources in accordance with established company policies. Which principle should the department incorporate?

Policy-driven access control

What is the primary purpose of separation of duties?

Prevent conflicts of interest.

Which of the following is an example of rule-based access control?

Router access control lists that allow or deny traffic based on the characteristics of an IP packet.

Which of the following identifies the type of access that is allowed or denied for an object?

SACL

Which type of group can be used for controlling access to objects?

Security

Lori, who has been a member of the Project Management group, was recently promoted to manager of the team. She has been added as a member of the Managers group. Several days after being promoted, Lori needs to have performance reviews with the team she manages. However, she cannot access the performance management system. As a member of the Managers group, she should have the Allow permission to access this system. What is MOST likely preventing her from accessing this system?

She is still a member of the Project Management group, which has been denied permission to this system. Deny permissions always override Allow permissions.

After logging in, the user is able to see the Programs and Features page. Why does this happen?

The GPO linked to the user's organizational unit is applied last, so this setting takes precedence.

Which security mechanism uses a unique list that meets the following specifications: The list is embedded directly in the object itself. The list defines which subjects have access to certain objects. The list specifies the level or type of access allowed to certain objects.

User ACL

Which of the following is a privilege or action that can be taken on a system?

User Rights

Which of the following identification and authentication factors are often well known or easily discovered by others on the same network or system?

Username

See all study sets

Related study sets

Why did i make this quiz!

Quiz 3 (Ch 7,8,9)

Chapter 29 ITP 320 Midterm Concepts

Hunter Safety Course

PUBHEALTH CHPT 7

ACC 120 Chapter 8

GEO 202 Final

Becker AUD Chapter 6

ACCT 162 Module G Quiz

diagnostic test

CSNT 280 Quiz Review

Ch. 11 Study Guide

Chapter 16: Glycolysis

American Revolution Set 2 Marquis De Lafayette — James Armistead

Physics 3LC Final Exam

Exam II: Standards

MICRO ECONOMICS, Chapter 2 (unit 1- obj. 10), Econ 1000 Chapter 3, 2.1-2.4, ECON Chapter 2 Homework, ECN101 Chapter 5 Key Terms, Econ 102 Exam, ECON102 CH. 4, 2.4 Gains from Trade, Microeconomics ch3, ECON E 201 Assignment 3, 1.1 Def. of Econ, ECO 20...