Download Document 8757895

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Computer security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Wireless security wikipedia , lookup

Security-focused operating system wikipedia , lookup

Unix security wikipedia , lookup

Access control wikipedia , lookup

Transcript 
MIS5214 Week 4 Your Name __________________________ Date __________ 1. Which of the following are the primary components of a discretionary access control (DAC) model?
Each correct answer represents a complete solution. Choose two.
A.
B.
C.
D.
User's group
File and data ownership
Smart card
Access rights and permissions
2. The network you administer allows owners of objects to manage the access to those objects via
access control lists. This is an example of what type of access control?
A.
RBAC
B.
MAC
C.
CIA
D.
DAC
3. Which of the following categories of implementation of the access control includes all these security
services?
A.
B.
C.
D.
Administrative access control
Logical access control
Physical access control
Preventive access control
4. Which of the following attacks allows the bypassing of access control lists on servers or routers, and
helps an attacker to hide? Each correct answer represents a complete solution. Choose two.
A.
B.
C.
D.
DNS cache poisoning
MAC spoofing
IP spoofing attack
DDoS attack
5. Which of the following are types of access control attacks? Each correct answer represents a
complete solution. Choose all that apply.
A.
B.
C.
D.
Dictionary attack
Mail bombing
Spoofing
Brute force attack
6. Kerberos is a computer network authentication protocol that allows individuals communicating over a
non-secure network to prove their identity to one another in a secure manner.
Which of the following statements are true about the Kerberos authentication scheme? Each correct
answer represents a complete solution. Choose all that apply.
A.
Kerberos requires continuous availability of a central server.
B.
Dictionary and brute force attacks on the initial TGS response to a client may reveal the
subject's passwords.
C.
Kerberos builds on Asymmetric key cryptography and requires a trusted third party.
D.
Kerberos requires the clocks of the involved hosts to be synchronized.
Answer: A,B,D
7. In which of the following access control models, owner of an object decides who is allowed to access
the object and what privileges they have?
A.
B.
C.
D.
Access Control List (ACL)
Mandatory Access Control (MAC)
Role Based Access Control (RBAC)
Discretionary Access Control (DAC)
8. An organization has implemented a hierarchical-based concept of privilege management in which
administrators have full access, HR managers have less permission than the administrators, and data
entry operators have no access to resources.
Which of the following access control models is implemented in the organization?
A.
Role-based access control (RBAC)
B.
Network-based access control (NBAC)
C.
Mandatory Access Control (MAC)
D.
Discretionary access control (DAC)
9. Which of the following is an entry in an object's discretionary access control list (DACL) that grants
permissions to a user or group?
A.
Access control entry (ACE)
B.
Discretionary access control entry (DACE)
C.
Access control list (ACL)
D.
Security Identifier (SID)
10. Access control systems enable an authority to control access to areas and resources in a given
physical facility or computer-based information system.
Which of the following services provided by access control systems is used to determine what a subject
can do?
A.
B.
C.
D.
Authentication
Authorization
Accountability
Identification
11. Which of the following decides access control on an object in the mandatory access control (MAC)
environment?
A.
B.
C.
D.
Sensitivity label
Event log
System Access Control List (SACL)
Security log
Related documents
Document 8757894
Document 8757894
PPT - CS
PPT - CS
Accounts and Authentication
Accounts and Authentication
Network Addressing
Network Addressing
MCS 022 Term-End Examination June, 2014
MCS 022 Term-End Examination June, 2014
What is Computer Software?
What is Computer Software?
slides
slides
Database Security
Database Security
The Marketing Concept - Joplin Business Department
The Marketing Concept - Joplin Business Department
Access Control Patterns
Access Control Patterns
Network Device Security Options
Network Device Security Options
Presentation
Presentation
Kx509: Leveraging Kerberos to Obtain Digital Certificates for Web
Kx509: Leveraging Kerberos to Obtain Digital Certificates for Web
Chapter 4
Chapter 4
Access Control - FTP Directory Listing
Access Control - FTP Directory Listing
CH04-CompSec2e - MCST-CS
CH04-CompSec2e - MCST-CS
Unit OS7: Windows Security Components and Concepts
Unit OS7: Windows Security Components and Concepts
How to Connect to a Microsoft SQL Server Database that Uses
How to Connect to a Microsoft SQL Server Database that Uses
Handout
Handout
Greenplum Database 4.2 Connectivity Tools for Windows
Greenplum Database 4.2 Connectivity Tools for Windows
Greenplum Database 4.2 Connectivity Tools for Windows
Greenplum Database 4.2 Connectivity Tools for Windows
Code of conduct for Discretionary FSPs
Code of conduct for Discretionary FSPs