What is the process of identification in access control?

Issuing a user account to the correct person

Validating a user's credentials

What is the role of authentication in security?

To validate an entity's unique credentials

What does authorization determine in access control?

The rights and privileges a user has

What is the function of accounting in security?

Tracking authorized usage and alerting unauthorized use

What does the authentication, authorization, and accounting (AAA) model ensure?

Centralized verification and audit trail creation

What is the role of the control plane in zero trust architecture?

Defining policy and determining access decisions

What do permissions control in a security setting?

Access to objects including file system items and network resources

What is a characteristic of discretionary access control (DAC)?

Each resource is protected by an access control list managed by the owner

Resources are protected by system-defined rules

Access is granted based on user roles

Resources are encrypted by default

What defines mandatory access control (MAC)?

Inflexible, system-defined rules

What is Role-based access control (RBAC)?

An access control model where resources are protected by ACLs and managed by administrators based on job functions.

A model that evaluates a set of attributes to determine access.

A nondiscretionary access control technique based on operational rules.

A process of deploying an account to a production environment.

What is the purpose of a group account?

To establish file permissions and user rights for many individuals needing the same level of access.

To evaluate a set of attributes for access.

To deploy an account to a production environment.

To identify the physical location of an object.

What does Attribute-based access control (ABAC) evaluate?

A set of attributes each subject possesses to determine access.

The physical location of an object.

The value assigned to an account by Windows.

The process of removing an account from a production environment.

What is the principle of Least privilege?

Allocating the minimum necessary rights, privileges, or information to perform a role.

Allocating the maximum necessary rights and privileges.

Deploying an account to a production environment.

Identifying the physical location of an object.

What is the process of Provisioning?

Deploying an account, host, or application to a target production environment with credentials and access permissions.

Removing an account from a production environment.

Evaluating a set of attributes for access.

Identifying the physical location of an object.

What is the purpose of a time-of-day restrictions policy?

To limit a user's access to resources

Which of the following is NOT a fundamental security concept mentioned in the CompTIA Security+ SYO-701 objectives?

Confidentiality, Integrity, and Availability (CIA)

What is involved in implementing and maintaining identity and access management?

Provisioning/de-provisioning user accounts

Which of the following is a type of authentication token?

Hard/soft authentication tokens

What is multi-factor authentication (MFA)?

An authentication scheme that requires at least two different factors

An authentication scheme that requires only one factor

A method that uses a password only

A system that uses only biometric data

What is a personal identification number (PIN) used for in authentication?

To be used in conjunction with authentication devices like smart cards

To be shared with others for access

What is a hard authentication token?

An authentication token generated by a cryptoprocessor on a dedicated hardware device

What is a one-time password (OTP)?

A password that is generated for use in one specific session and becomes invalid after the session ends

A password that is used for multiple sessions

A password that is stored permanently

A password that is shared among users

What does a soft authentication token involve?

An OTP sent to a registered number or email account

What is the main feature of a passwordless authentication scheme?

It uses ownership and biometric factors, but not knowledge factors

It requires a security question

It relies on email verification

What is the purpose of attestation in authentication?

To prove that a device or computer is a trustworthy platform

What is NT LAN Manager (NTLM) authentication?

A challenge-response authentication protocol created by Microsoft

What is a pluggable authentication module (PAM)?

A framework for implementing authentication providers in Linux

A hardware device for authentication

What is the function of a directory service?

To store identity information about all the objects in a particular network

What does Lightweight Directory Access Protocol (LDAP) do?

Accesses network directory databases to store information about authorized users

What is a distinguished name (DN) in a directory?

A collection of attributes that define a unique identifier for any given resource within an X.500-like directory

What is single sign-on (SSO) technology?

A technology that enables a user to authenticate once and receive authorizations for multiple services

A single sign-on authentication and authorization service based on a time-sensitive, ticket-granting system.

A file format that uses attribute-value pairs.

An XML-based web services protocol.

A standardized, stateless architectural style.

What does a Key Distribution Center (KDC) do in Kerberos?

It authenticates users and issues tickets (tokens).

It provides a shared login capability.

It is used to exchange authentication information.

It defines configurations in a structure.

What is a Ticket Granting Ticket (TGT) in Kerberos?

A token issued to an authenticated account to allow access to authorized application servers.

A service that holds the user account and performs authentication.

A protocol used to exchange messages.

A file format for attribute-value pairs.

What is the purpose of Federation in identity management?

To provide a shared login capability across multiple systems and enterprises.

To authenticate users and issue tickets.

To define configurations in a structure.

What role does an Identity Provider (IdP) play in a federated network?

It holds the user account and performs authentication.

It is used to exchange authentication information.

It defines configurations in a structure.

What is Security Assertion Markup Language (SAML)?

An XML-based data format used to exchange authentication information between a client and a service.

A protocol used to exchange messages.

A file format for attribute-value pairs.

A standardized, stateless architectural style.

ID and Access Management

Authored by Carlos Sowell

Computers

10th Grade

Used 8+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

70 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What are the three principles of the CIA Triad?

Confidentiality, Integrity, Availability

Confidentiality, Innovation, Accessibility

Control, Integrity, Access

Communication, Information, Access

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the fundamental security goal of confidentiality?

Keeping information accurate and free of errors

Ensuring systems operate continuously

Keeping information and communications private

Ensuring data remains associated with its creator

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which term refers to the security goal of ensuring data remains associated with its creator?

Integrity

Non-repudiation

Availability

Confidentiality

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What does the National Institute of Standards and Technology (NIST) do?

Develops computer security standards and publishes best practice guides

Provides funding for cybersecurity startups

Offers online courses in cybersecurity

Manufactures security hardware

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the purpose of security controls?

To increase system speed

To mitigate vulnerabilities and ensure CIA

To enhance user interface design

To reduce software costs

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the purpose of a gap analysis?

To measure the difference between current and desired states in a project

To identify security vulnerabilities in a system

To track user activity in a network

To determine user access rights

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What does identity and access management (IAM) provide?

Data encryption and decryption

Identification, authentication, and authorization mechanisms

Network traffic monitoring

System performance optimization

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

68 questions

WJEC Unit 1 Keywords

Quiz

•

10th Grade

71 questions

Soal Pilihan Ganda tentang HAKI

Quiz

•

10th Grade

75 questions

Database Essentials

Quiz

•

KG - University

73 questions

th1sg0nn4b3b3std4y17022025

Quiz

•

9th - 12th Grade

72 questions

Python Basics

Quiz

•

9th - 12th Grade

68 questions

NGHỀ :D

Quiz

•

9th - 12th Grade

68 questions

N5 Computing Science: Computer Structure

Quiz

•

10th Grade

71 questions

Ôn tập giữa kì tin 10 KNTT

Quiz

•

10th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

29 questions

Alg. 1 Section 5.1 Coordinate Plane

Quiz

•

9th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

11 questions

FOREST Effective communication

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

15 questions

Digital Safety Scenarios

Quiz

•

10th Grade

10 questions

Exploring Cybersecurity Techniques and Threats

Interactive video

•

6th - 10th Grade