What are the two main methods of implementing access controls?

Access control lists and capabilities

Firewalls and antivirus software

What do Network ACLs typically filter access based on?

Internet Protocol (IP) addresses

What is one of the simplest forms of network-oriented ACLs?

Media Access Control address filtering

Why is using IP addresses as a unique identifier for devices on a network considered a shaky prospect?

IP addresses are not unique to a network interface

IP addresses are difficult to configure

What is the primary reason for using multiple identifiers to filter traffic in network ACLs?

To ensure more accurate filtering

To reduce the cost of network management

To simplify network configuration

What is a common use of large-scale filtering by organizations exposed to the internet?

To block out known attacks, spammers, and other undesirable traffic

What is the main goal of attacks that take advantage of the confused deputy problem?

To trick the user into taking some action when they think they are doing something else

To install malware on the user's computer

To delete files from the user's computer

Which of the following is an example of an attack that exploits the confused deputy problem?

Cross-site request forgery (CSRF)

In a clickjacking attack, what does the attacker typically do to trick the user?

Places an invisible layer over something the client would normally click

Embeds a malicious link in an email

Installs a keylogger on the user's computer

What is the role of the 'confused deputy' in the example involving BankCo?

The attacker's offshore account

What is a capability in the context of defining permissions?

A set of permissions based on a user's token or key

A physical object that grants access

A file that contains all permissions

Which access control model allows the owner of the resource to determine who gets access to it?

Discretionary Access Control (DAC)

Role-Based Access Control (RBAC)

Attribute-Based Access Control (ABAC)

What is the principle of least privilege?

Giving a party the bare minimum level of access

Giving a party the maximum level of access

Giving a party no access at all

Giving a party access based on their role

Which access control model is often implemented in government organizations?

Discretionary Access Control (DAC)

Role-Based Access Control (RBAC)

Attribute-Based Access Control (ABAC)

What is the principle of least privilege?

Granting users only the permissions they need to perform their job.

Allowing users to have administrative access to all systems.

Providing all users with access to the organization's internal human resources system.

Allowing users to carry out any task that the operating system allows.

What is a common issue with the implementation of the principle of least privilege in Microsoft operating systems?

Users are given too many permissions.

Users are not given enough permissions.

Users are unable to create documents.

What is Rule-Based Access Control (RBAC)?

Access control based on a set of rules defined by the system administrator.

Access control based on the role of the individual.

Access control based on the specific attributes of a person.

Access control that allows all users administrative access.

What does the Role-Based Access Control (RBAC) model allow?

Access based on the role of the individual being granted access.

Access based on the specific attributes of a person.

Access based on a set of rules defined by the system administrator.

Access to all users regardless of their role.

What is Attribute-Based Access Control (ABAC)?

Access control based on the specific attributes of a person, resource, or environment.

Access control based on the role of the individual.

Access control based on a set of rules defined by the system administrator.

Access control that allows all users administrative access.

What is the primary purpose of a CAPTCHA?

To prove that the user is human

To control access based on height

To control access based on time limits

To control access based on environmental conditions

What is the main concern of the Bell-LaPadula model?

Confidentiality of the resource

What is the purpose of using environmental attributes in access control?

To control access based on environmental conditions

To control access based on the user's height

To control access based on the user's age

To control access based on the user's role

Chapter Three Practice Quiz - Info Sec

Quiz

•

Information Technology (IT)

•

12th Grade

•

Practice Problem

•

Medium

Greg Michael

Used 1+ times

FREE Resource

Limit access

Grant access

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

81 questions

TOSA WordPress Practice Quiz 1

Quiz

•

9th - 12th Grade

80 questions

Research Methodologies

Quiz

•

12th Grade

74 questions

Module 19 CSEC

Quiz

•

12th Grade

Popular Resources on Wayground

25 questions

Multiplication Facts

Quiz

•

5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

15 questions

Solving Equations with Variables on Both Sides Review

Quiz

•

8th Grade

Discover more resources for Information Technology (IT)

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

25 questions

Preterito regular

Quiz

•

10th - 12th Grade

28 questions

Ser vs estar

Quiz

•

9th - 12th Grade

10 questions

hands washing

Quiz

•

5th - 12th Grade

20 questions

Christmas Trivia

Quiz

•

5th - 12th Grade

5 questions

Triangle Congruence Theorems

Interactive video

•

9th - 12th Grade

20 questions

Stages of Meiosis

Quiz

•

9th - 12th Grade

14 questions

Model and Solve Linear Equations

Quiz

•

9th - 12th Grade

Chapter Three Practice Quiz - Info Sec

78 questions

What are the two main concepts involved in deciding whether to allow party access to your resources?

What is the process of determining exactly what an authenticated party can do?

What are the tools and systems you use to deny or allow access?

Which of the following is NOT a form of physical access control?

What are the four basic tasks you can use access controls to carry out?

What is the opposite of granting access?

What is the default setting for many access control systems?

What is one way to limit access by running sensitive applications?

What is an example of a sandbox used to run programs written in the Java programming language?

What are the two main methods of implementing access controls?

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)