Which one of the following principles is not a component of the Biba integrity model?

Which one of the following is an example of a logical access control?

- Key for a lock.

- Password.

- Access Card.

- Fence.

During which phase of the access control process does the system answer the question, "What can the requester access?"

- Identification.

- Authentication.

- Authorization.

- Accountability.

The __________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.

- Security Kernel.

- CPU.

- Memory.

- Co-Processor.

Which type of authentication includes smart cards?

- Knowledge.

- Ownership.

- Location.

- Action.

Which one of the following is an example of two-factor authentication?

Smart card and personal identification number (PIN).

- Smart card and personal identification number (PIN).

- Personal identification number (PIN) and password.

- Password and security questions.

- Token and smart card.

Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?

- Dictionary attack.

- Rainbow table attack.

- Social engineering attack.

- Brute-force attack.

Which one of the following is NOT a commonly accepted best practice for password security?

Use at least six alphanumeric characters.

- Use at least six alphanumeric characters.

- Do not include usernames in passwords.

- Include a special character in passwords.

- Include a mixture of uppercase characters, lowercase characters, and numbers in passwords.

Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?

Crossover Error Rate (CER).

- False Acceptance Rate (FAR).

- False Rejection Rate (FRR).

- Crossover Error Rate (CER).

- Reaction Time.

Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?

- Accuracy.

- Reaction Time.

- Dynamism.

- Acceptability.

Which one of the following is NOT an advantage of biometric systems?

Physical characteristics may change.

- Biometrics require physical presence.

- Biometrics are hard to fake.

- Users do not need to remember anything.

- Physical Characteristics may change.

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?

- Secure European System for Applications in a Multi-Vendor Environment (SESAME).

- Lightweight Directory Access Protocol (LDAP).

- Security Assertion Markup Language (SAML).

- Kerberos.

Which of the following is an example of a hardware security control?

- NTFS Permission.

- MAC Filtering.

- ID Badge.

- Security Policy.

Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?

Discretionary Access Control (DAC).

- Discretionary Access Control (DAC).

- Mandatory Access Control (MAC).

- Rule-based Access Control.

- Role-based Access Control (RBAC).

Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?

- Least Privilege.

- Security Through Obscurity.

- Need To Know.

- Separation Of Duties.

Which security model does NOT protect the integrity of information?

- Bell-LaPadula.

- Clark-Wilson.

- Biba.

- Brewer and Nash.

Which one of the following principles is NOT a component of the Biba integrity model?

Subjects cannot change objects that have a lower integrity level.

- Subjects cannot read objects that have a lower level of integrity than the subject.

- Subjects cannot change objects that have a lower integrity level.

- Subjects at a given integrity level can call up only subjects at the same integrity level or lower.

- A subject may not ask for service from subjects that have a higher integrity level.

Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?

Redundant Array of Independent Disks (RAID).

- Remote Authentication Dial-In User Service (RADIUS).

- Terminal Access Controller Access Control System Plus (TACACS+).

- Redundant Array of Independent Disks (RAID).

- DIAMETER.

What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?

Security Assertion Markup Language (SAML).

- Security Assertion Markup Language (SAML).

- Secure European System for Applications in a Multi-Vendor Environment (SESAME).

- User Datagram Protocol (UDP).

- Password Authentication Protocol (PAP).

Which of the following is NOT a benefit of cloud computing to organizations?

Lower Dependence On Outside Vendors.

- On-demand provisioning.

- Improved disaster recovery.

- No need to maintain a data center.

- Lower dependence on outside vendors.

Which of the following are rules of the Biba integrity model?

The Biba model has two primary rules: the Simple Integrity Axiom and the * Integrity Axiom. Simple Integrity Axiom: “No read down”; a subject at a specific clearance level cannot read data at a lower classification. This prevents subjects from accessing information at a lower integrity level.

Which of these is not one of the 4 central elements of access?

The statement "The four central components of access control are users, resources, actions, and features" is incorrect. The four central components of access control are users, resources, actions, and relationships, not features.

Which of the following is an example of a logical control?

Examples of logical controls are passwords, network firewalls, access control lists and data encryption.

Which one of the following is an example of two-factor authentication?

Smart cards and biometrics are an example of two-factor authentication.