Implementing Authentication and Authorization

Your organization needs a system for restricting access to files based on the sensitivity of the information in those files. You might suggest which of the following access control systems?

Which of the following describes a major difference between NTFS and FAT32 file systems?

Your organization has grown too large to support assigning permissions to users individually. Within your organization, you have large groups of users who perform the same duties and need the same type and level of access to the same files. Rather than assigning individual permissions, your organization may wish to consider using which of the following access control methods?

A ticket-granting server is an important element in which of the following authentication models?

Which of the following is an open standard that uses security tokens and assertions and allows you to access multiple websites with one set of credentials?

What protocol is used for RADIUS?

What are accounts with greater than “normal” user access called?

You have to implement an OpenID solution. What is the typical relationship with existing systems?

You wish to create an access control scheme that enables the CFO to access financial data from his machine, but not from the machine in the reception area of the lobby. Which access control model is best suited for this?

You need to design an authentication system where users who have never connected to the system can be identified and authenticated in a single process. Which is the best solution?