access control model dynamically assign roles subject based set defined rules

Which access control model can dynamically assign roles to subject based on a set of defined rules?

A user or a process functioning on behalf of the user that attempts to access an object is known as the:

Question 1 options:

subject

reference monitor

entity

label

subject

The action that is taken by a subject over an object is called a(n):

Question 2 options:

authorization

access

control

operation

operation

What is the name for a predefined framework that can be used for controlling access, and is embedded into software and hardware?

Question 3 options:

accounting and access model

user control model

access control model

authorization control model

access control model

What access control model below is considered to be the most restrictive access control model, and involves assigning access controls to users strictly according to the custodian?

Question 4 options:

Mandatory Access Control

Role Based Access Control

Discretionary Access Control

Rule Based Access Control

Mandatory Access Control

In a UAC prompt, what color is used to indicate the lowest level of risk?

Question 5 options:

red

gray

yellow

green

gray

Which access control model is considered to be the least restrictive?

Question 6 options:

Role Based Access Control

Mandatory Access Control

Rule Based Access Control

Discretionary Access Control

Discretionary Access Control

Select below the access control model that uses access based on a user's job function within an organization:

Question 7 options:

Role Based Access Control

Rule Based Access Control

Discretionary Access Control

Mandatory Access Control

Role Based Access Control

Which access control model can dynamically assign roles to subjects based on a set of defined rules?

Question 8 options:

Role Based Access Control

Mandatory Access Control

Rule Based Access Control

Discretionary Access Control

Rule Based Access Control

When using Role Based Access Control (RBAC), permissions are assigned to:

Question 9 options:

Roles

Groups

Labels

Users

Roles

A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as:

Question 10 options:

Separation of duties

Job rotation

Mandatory vacation

Role reversal

Separation of duties

A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n):

Question 11 options:

ACE

DAC

entity

ACL

ACL

User accounts that remain active after an employee has left an organization are referred to as being what type of accounts?

Question 12 options:

Active

Stale

Orphaned

Fragmented

Orphaned

To assist with controlling orphaned and dormant accounts, what can be used to indicate when an account is no longer active?

Question 13 options:

Password expiration

Account expiration

Last login

Account last used

Account expiration

Although designed to support remote dial-in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs?

Question 14 options:

RADIUS

ICMP

FTP

Telnet

RADIUS

During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?

Question 15 options:

accounting request

access request

verification request

authentication request

authentication request

Select below the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users:

Question 16 options:

Aurora

Kerberos

CHAP

TACACS

Kerberos

What authentication service commonly used on UNIX devices involves communicating user authentication information to a centralized server?

Question 17 options:

TACACS

RADIUS

Kerberos

FTP

TACACS

Entries within a Directory Information Base are arranged in a tree structure called the:

Question 18 options:

DAP

PEAP

EAP

DIT

DIT

The X.500 standard defines a protocol for a client application to access an X.500 directory known as which of the following options?

Question 19 options:

DIB

DAP

DIT

LDAP

DAP

What kind of attack allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database's information?

Question 20 options:

LDAP poisoning

Kerberos injection

LDAP injection

DAP hijacking

LDAP injection

Which access control model can dynamically assign roles to subjects based on a set of defined rules Group of answer choices?

Which access control model can dynamically assign roles to subjects based on a set of defined rules? Group policy is a Unix feature that allows for the centralized management and configuration of computers and remote users using Unix Active Directory.

Which access control model that uses access based on a users job function with an organization?

Access under RBAC is based on a user's job function within the organization to which the computer system belongs. Essentially, RBAC assigns permissions to particular roles in an organization. Users are then assigned to that particular role.

When using role based access control RBAC permissions are assigned to which of the following?

With RBAC, permissions are associated with roles, and users or groups are assigned to appropriate roles. Roles are defined according to job competency, authority, and responsibility within the enterprise. Users and groups are easily reassigned from one role to another.

Which type of access controls can be role based or task based?

Role-based access control and task-based access control are known Mandatory Access controls (or non-discretionary controls), which match information to roles or tasks, not individual users.

zusammenhängende Posts

Which layer of the OSI model contains the TCP protocol which is used for establishing connections and reliable data transport between devices?
Which of the following is an alternate security control that fulfills an original goal without implementing the primary control?
In which multi tasking mode can an operating system take control of the processor without consent from the task?
A system administrator needs to install a new wireless network for authenticated guest access
What is the difference between an intrusion detection system and an Intrusion Prevention System Explain how each fits into the overall access control system?
What are the three components required to manage access control to a network and its resources?
Which type of malware is access the victims computer or a network without the users knowledge?
What can be used to run Java Script in a restricted environment and limit what resources it can access?
What is a remote access tool that allows a user to ask for help from a technician or co worker?
Which of the following principles is violated if computer system is not accessible confidentiality Availability access control authentication?

Toplist

Neuester Beitrag

Stichworte