What are the two main methods of implementing access controls?

Access control lists and capabilities

Firewalls and antivirus software

What do Network ACLs typically filter access based on?

Internet Protocol (IP) addresses

What is one of the simplest forms of network-oriented ACLs?

Media Access Control address filtering

Why is using IP addresses as a unique identifier for devices on a network considered a shaky prospect?

IP addresses are not unique to a network interface

IP addresses are difficult to configure

What is the primary reason for using multiple identifiers to filter traffic in network ACLs?

To ensure more accurate filtering

To reduce the cost of network management

To simplify network configuration

What is a common use of large-scale filtering by organizations exposed to the internet?

To block out known attacks, spammers, and other undesirable traffic

What is the main goal of attacks that take advantage of the confused deputy problem?

To trick the user into taking some action when they think they are doing something else

To install malware on the user's computer

To delete files from the user's computer

Which of the following is an example of an attack that exploits the confused deputy problem?

Cross-site request forgery (CSRF)

In a clickjacking attack, what does the attacker typically do to trick the user?

Places an invisible layer over something the client would normally click

Embeds a malicious link in an email

Installs a keylogger on the user's computer

What is the role of the 'confused deputy' in the example involving BankCo?

The attacker's offshore account

What is a capability in the context of defining permissions?

A set of permissions based on a user's token or key

A physical object that grants access

A file that contains all permissions

Which access control model allows the owner of the resource to determine who gets access to it?

Discretionary Access Control (DAC)

Role-Based Access Control (RBAC)

Attribute-Based Access Control (ABAC)

What is the principle of least privilege?

Giving a party the bare minimum level of access

Giving a party the maximum level of access

Giving a party no access at all

Giving a party access based on their role

Which access control model is often implemented in government organizations?

Discretionary Access Control (DAC)

Role-Based Access Control (RBAC)

Attribute-Based Access Control (ABAC)

What is the principle of least privilege?

Granting users only the permissions they need to perform their job.

Allowing users to have administrative access to all systems.

Providing all users with access to the organization's internal human resources system.

Allowing users to carry out any task that the operating system allows.

What is a common issue with the implementation of the principle of least privilege in Microsoft operating systems?

Users are given too many permissions.

Users are not given enough permissions.

Users are unable to create documents.

What is Rule-Based Access Control (RBAC)?

Access control based on a set of rules defined by the system administrator.

Access control based on the role of the individual.

Access control based on the specific attributes of a person.

Access control that allows all users administrative access.

What does the Role-Based Access Control (RBAC) model allow?

Access based on the role of the individual being granted access.

Access based on the specific attributes of a person.

Access based on a set of rules defined by the system administrator.

Access to all users regardless of their role.

What is Attribute-Based Access Control (ABAC)?

Access control based on the specific attributes of a person, resource, or environment.

Access control based on the role of the individual.

Access control based on a set of rules defined by the system administrator.

Access control that allows all users administrative access.

What is the primary purpose of a CAPTCHA?

To prove that the user is human

To control access based on height

To control access based on time limits

To control access based on environmental conditions

What is the main concern of the Bell-LaPadula model?

Confidentiality of the resource

What is the purpose of using environmental attributes in access control?

To control access based on environmental conditions

To control access based on the user's height

To control access based on the user's age

To control access based on the user's role

Chapter Three Practice Quiz - Info Sec

Authored by Greg Michael

Information Technology (IT)

12th Grade

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

78 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What are the two main concepts involved in deciding whether to allow party access to your resources?

Authentication and Encryption

Authorization and Access Control

Identification and Verification

Encryption and Decryption

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the process of determining exactly what an authenticated party can do?

Authentication

Encryption

Authorization

Verification

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What are the tools and systems you use to deny or allow access?

Encryption keys

Access controls

Passwords

Firewalls

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is NOT a form of physical access control?

Keys

RFID tags

Passwords

Badges

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What are the four basic tasks you can use access controls to carry out?

Allowing access, denying access, limiting access, and revoking access

Allowing access, encrypting data, limiting access, and revoking access

Allowing access, denying access, encrypting data, and decrypting data

Allowing access, denying access, verifying identity, and encrypting data

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the opposite of granting access?

Allowing access

Denying access

Limiting access

Implementing access

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the default setting for many access control systems?

Allow access

Deny access

Limit access

Grant access

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

81 questions

tin ck1 lớp 12

Quiz

•

12th Grade

73 questions

Identity Resolution Quiz

Quiz

•

12th Grade

77 questions

trắc nghiệm tin gk2

Quiz

•

12th Grade

80 questions

C6 - Application Security

Quiz

•

9th - 12th Grade

75 questions

Linux+.3

Quiz

•

12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

29 questions

Alg. 1 Section 5.1 Coordinate Plane

Quiz

•

9th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

11 questions

FOREST Effective communication

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Information Technology (IT)

20 questions

-AR -ER -IR present tense

Quiz

•

10th - 12th Grade

22 questions

El Imperfecto

Quiz

•

9th - 12th Grade

20 questions

SSS/SAS

Quiz

•

9th - 12th Grade

20 questions

verbos reflexivos en español

Quiz

•

9th - 12th Grade

14 questions

Making Inferences From Samples

Quiz

•

7th - 12th Grade

23 questions

CCG - CH8 Polygon angles and area Review

Quiz

•

9th - 12th Grade

8 questions

Momentum and Collisions

Lesson

•

9th - 12th Grade

28 questions

Ser vs estar

Quiz

•

9th - 12th Grade

Chapter Three Practice Quiz - Info Sec

What are the two main concepts involved in deciding whether to allow party access to your resources?

What is the process of determining exactly what an authenticated party can do?

What are the tools and systems you use to deny or allow access?

Which of the following is NOT a form of physical access control?

What are the four basic tasks you can use access controls to carry out?

What is the opposite of granting access?

What is the default setting for many access control systems?

What is one way to limit access by running sensitive applications?

What is an example of a sandbox used to run programs written in the Java programming language?

What are the two main methods of implementing access controls?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)