Unit 12 Quiz
Which type of access control model uses predefined rules that makes it flexible? MAC Rule-Based Access Control DAC ABAC
ABAC
What can be used to provide both file system security and database security? LDAPs CHAPs ACLs RBASEs
ACLs
Which of the following involves rights given to access specific resources? Authorization Access Identification Accounting
Access
Which of the following is NOT part of the AAA framework? Accounting Authentication Authorization Access
Access
Which of these is a set of permissions that is attached to an object? Security entry designator Access control list (ACL) Object modifier Subject Access Entity (SAE)
Access control list (ACL)
Which of the following is NOT true regarding how an enterprise should handle an orphaned or a dormant account? All orphaned and dormant accounts should be deleted immediately whenever they are discovered. Logs should be monitored because current employees are sometimes tempted to use an older dormant account instead of their own account. Access should be ended as soon as the employee is no longer part of the organization. A formal procedure should be in place for disabling accounts for employees who are dismissed, resign, or retire from the organization.
All orphaned and dormant accounts should be deleted immediately whenever they are discovered.
Raul has been asked to serve as the individual to whom day-to-day actions have been assigned by the owner. What role is Raul taking? Privacy officer Custodian Operator End-user
Custodian
What is the least restrictive access control model? ABAC Rule-Based Access Control MAC DAC
DAC
Which of the following would NOT be considered as part of a clean desk policy? Lock computer workstations when leaving the office. Keep mass storage devices locked in a drawer when not in use. Place laptops in a locked filing cabinet. Do not share passwords with other employees.
Do not share passwords with other employees.
Which Microsoft Windows feature provides group-based access control for centralized management and configuration of computers and remote users who are using Active Directory? Windows Registry Settings Resource Allocation Entities AD Management Services (ADMS) Group Policy
Group Policy
How is the Security Assertion Markup Language (SAML) used? It is an authenticator in IEEE 802.1x. It is a backup to a RADIUS server. It allows secure web domains to exchange user authentication and authorization data. It is no longer used because it has been replaced by LDAP.
It allows secure web domains to exchange user authentication and authorization data.
Which statement about Rule-Based Access Control is true? It dynamically assigns roles to subjects based on rules. It is considered obsolete today. It requires that a custodian set all rules. It is considered a real-world approach by linking a user's job function with security.
It dynamically assigns roles to subjects based on rules.
What is the version of the X.500 standard that runs on a personal computer over TCP/IP? Lite RDAP IEEE X.501 DAP LDAP
LDAP
What is the secure version of LDAP? X.500 LDAPS Secure DAP 802.1x
LDAPS
Which can be used to establish geographical boundaries where a mobile device can and cannot be used? Geolocation policies Location-based policies Restricted access control policies Mobile device policies
Location-based policies
Which access control model is the most restrictive? MAC Role-Based Access Control DAC Rule-Based Access Control
MAC
Which of the following is the Microsoft version of CHAP? MS-CHAP PAP-MICROSOFT AD-EAP EAP-MS
MS-CHAP
With the development of IEEE 802.1x port security, what type of authentication server has seen even greater usage? RDAP Lite RDAP RADIUS DAP
RADIUS
What is the current version of TACACS? TACACS+ TACACS v9 TRACACS XTACACS
TACACS+
A RADIUS authentication server requires the ________ to be authenticated first. authenticator user authentication server supplicant
supplicant