ISTY Final Exam Review

440 terms by Stgalan 

Create a new folder

Advertisement Upgrade to remove ads

____ certificates are frequently used to secure e-mail transmissions and typically only require the user's name and e-mail address in order to receive this certificate.
Choose one answer.
a. Public digital
b. Private digital
c. Personal digital
d. Server digital

Personal digital

____ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it.
a. Asymmetric encryption
b. Elliptic encryption
c. Symmetric encryption
d. Private encryption

Asymmetric encryption

___________ certificates reduce the need to store multiple copies of the signing certificate.
Choose one answer.
a. Single-sided
b. Dual-key
c. EV-SSL
d. Class 1

Dual-key

The ____ function is a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users.
Choose one answer.
a. Intermediate Authority
b. Repudiation Authority
c. Registration Authority
d. Certificate Authority

Repudiation Authority

Digital certificates cannot be used to identify objects other than users.
Answer:
True
False

False

Key ____ removes all private and public keys along with the user's identification information in the CA.
Choose one answer.
a. escrow
b. destruction
c. renewal
d. generation

destruction

A class 2 certificate is known as a ____ certificate.
Choose one answer.
a. signing digital
b. server digital
c. personal digital
d. code-signing

server digital

M-of-N control is a technique used in:
Choose one answer.
a. Key recovery
b. Third party trust
c. Bridge trust model
d. Key escrow

Key recovery

____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it.
Choose one answer.
a. Blocking
b. Cloning
c. Hashing
d. Encrypting

Hashing

PGP and SSL function at the same layer of the Open System Interconnection (OSI) model.
Answer:
True
False

False

A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates.
Choose one answer.
a. DA
b. RA
c. PA
d. CA

CA

At the ____ stage of the certificate life cycle, the certificate can no longer be used.
Choose one answer.
a. suspension
b. revocation
c. creation
d. expiration

expiration

ESP is a(n) _______________ protocol.
Choose one answer.
a. SHTTP
b. SSL
c. IPsec
d. PKI

IPsec

The ____ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components.
Choose one answer.
a. DP
b. CP
c. AP
d. LP

CP

Which of the following would NOT be found in a digital certificate?
Choose one answer.
a. Owner's gender
b. Owner's address
c. Issuer's public key
d. Owner's public key

Issuer's public key

____ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions.
Choose one answer.
a. SHTTP
b. HTTPS
c. SFTP
d. Telnets

SHTTP

Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.
Answer:
True
False

True

What does it mean when your web browser displays a padlock icon next to a digital certificate? Choose all that apply.
Choose at least one answer.
a. The CA certifies the Web site is the registered owner of the domain name
b. The certificate creates a cryptographic connection to protect communications
c. The CA has verified the identity of the organization
d. The CA certifies the organization is authorized to operate the Web site
e. The CA has verified the existence and identity of the web site owner
f. The CA has identified the existence of the organization

The CA has verified the identity of the organization
The CA has identified the existence of the organization
The CA has verified the existence and identity of the web site owner

Key ____ refers to a process in which keys are managed by a third party, such as a trusted CA.
Choose one answer.
a. management
b. escrow
c. renewal
d. destruction

escrow

A ____ trust refers to a situation in which two individuals trust each other because each trusts a third party.
Choose one answer.
a. third-party
b. distributed
c. mutual
d. web of

third-party

____ is a protocol developed by Netscape for securely transmitting documents over the Internet.
Choose one answer.
a. TLS
b. EAP
c. PEAP
d. SSL

SSL

_________ is referred to as a transparent protocol.
Choose one answer.
a. SSL
b. SSH
c. PGP
d. IPsec

IPsec

The ____ model is the basis for digital certificates issued to Internet users.
Choose one answer.
a. related trust
b. third-party trust
c. managed trust
d. distributed trust

distributed trust

____ certificates enable clients connecting to the Web server to examine the identity of the server's owner.
Choose one answer.
a. Private digital
b. Server digital
c. Personal digital
d. Public digital

Server digital

____ can protect the confidentiality of an e-mail message by ensuring that no one has read it.
Choose one answer.
a. Asymmetric encryption
b. Symmetric encryption
c. Standard encryption
d. Public encryption

Symmetric encryption

The primary function of a(n) ____ is to verify the identity of the individual.
Choose one answer.
a. DA
b. PA
c. RA
d. CA

RA

At the ____ stage of the certificate life cycle, the certificate is no longer valid.
Choose one answer.
a. revocation
b. creation
c. expiration
d. suspension

revocation

TLS is an extension of ____.
Choose one answer.
a. Telnet
b. HTTP
c. FTP
d. SSL

SSL

IPsec is an optional protocol with IPv4 but not with IPv6.
Answer:
True
False

True

With the ____ model, there is one CA that acts as a "facilitator" to interconnect all other CAs.
Choose one answer.
a. bridge trust
b. third-party trust
c. distributed trust
d. transitive trust

bridge trust

Digital signatures actually only show that the public key labeled as belonging to person was used to encrypt the digital signature.
Answer:
True
False

True

Since telnet is a cleartext protocol, a more secure alternative would be:
Choose one answer.
a. SSH
b. S/Telnet
c. Slogin
d. RSH

SSH

One of the duties of a CA is to distribute public key certificates.
Answer:
True
False

True

____ involves public-key cryptography standards, trust models, and key management.
Choose one answer.
a. Private key infrastructure
b. Shared key infrastructure
c. Public key infrastructure
d. Network key infrastructure

Public key infrastructure

Cryptography cannot protect data as it is being transported across a network.
Answer:
True
False

False

The PIV standard is applied by the DOD in applying a(n) ________ infrastructure to issue common access cards.
Choose one answer.
a. Bridge trust model
b. PKI
c. Transport encryption
d. IPsec

Bridge trust model

PKI can best be defined as:
Choose one answer.
a. The framework for security infrastructure management
b. The framework for digital certificate management
c. The framework for certifying users of security applications
d. The framework for supporting public key enabled security services

The framework for digital certificate management

SSL is more likely to be faster than IPSEC.
Answer:
True
False

False

The entity requesting a digital certificate usually sends their public key to the CA who issues and signs the certificate with the CA's __________.
Choose one answer.
a. Public hash
b. Public key
c. Private key
d. Private hash

Private key

What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?
Choose one answer.
a. $100,000
b. $500,000
c. $1,000,000
d. $250,000

$250,000

Select the five steps of an attack.
a. Replace software on systems
b. Paralyze networks and devices
c. Probe for information
d. Hide evidence of an attack
e. Penetrate defenses
f. Modify security settings
g. Circulate to other systems

b. Paralyze networks and devices
c. Probe for information
e. Penetrate defenses
f. Modify security settings
g. Circulate to other systems

____ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.
Choose one answer.
a. Accounting
b. Encryption
c. Authorization
d. Authentication

Authentication

A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.
Choose one answer.
a. 10 to 14
b. 13 to 14
c. 14 to 16
d. 12 to 15

10 to 14

The position of ____ is generally an entry-level position for a person who has the necessary technical skills.
Choose one answer.
a. CISO
b. security manager
c. security technician
d. security administrator

security technician

A comprehensive definition of information security is: that which protects the _______ , _______ , and availability of information on the devices that ________, ___________ , and transmit the information through products, people, and procedures.
a. Store
b. Confidentiality
c. Usability
d. Manipulate
e. Integrity
f. Create

Store
Confidentiality
Manipulate
Integrity

Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information is sometimes known as ____.
Choose one answer.
a. cyberterrorism
b. spam
c. phishing
d. cybercrime

cybercrime

Select the five fundamental security principles in designing defenses against attacks.
Choose at least one answer.
a. Diversity
b. Complexity
c. Layering
d. Obscurity
e. Limiting
f. Depth
g. Simplicity

Diversity
Layering
Obscurity
Limiting
Simplicity

Recent employment trends indicate that employees with security certifications are in high demand.
Answer:
True
False

True

In information security, a loss can be ____.
Choose one answer.
a. theft of information
b. a delay in transmitting information that results in a financial penalty
c. the loss of good will or a reputation
d. all of the above

all of the above

The demand for IT professionals who know how to secure networks and computers is at an all-time low.
Answer:
True
False

False

Approximately ____ percent of households in the United States use the Internet for managing their finances.
Choose one answer.
a. 80
b. 60
c. 90
d. 70

80

____ involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.
Choose one answer.
a. Scam
b. Cyberterrorism
c. Phishing
d. Identity theft

Identity theft

Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.
Answer:
True
False

True

The FBI defines cyberterrorism as any premeditated, politically motivated attack against information, computer systems, computer programs, and data owned and operated by government and military organizations.
Answer:
True
False

False

____ ensures that only authorized parties can view information.
Choose one answer.
a. Security
b. Integrity
c. Confidentiality
d. Availability

Confidentiality

In a general sense, assurance may be defined as the necessary steps to protect a person or property from harm.
Answer:
True
False

False

To understand information security by examining its goals and accomplishments, one must:
Choose at least one answer.
a. First, ensure that people are properly trained in security procedures
b. Second, protect information that provides value to people and organizations
c. Second, implement policies that provide guarantees that procedures are being followed
d. First, ensure that protective measures are properly implemented

Second, protect information that provides value to people and organizations
First, ensure that protective measures are properly implemented

According to Panda, over 30 million new specimens of malware were created in a ten month period in 2010.
Answer:
True
False

False

According to researchers at GTRI, a password with fewer than 7 characters will be vulnerable very soon.
Answer:
True
False

False

Annually, the number of malware attacks against online banking is increasing by ____ and about _____ of banks reported loses from thoe attacks.
Choose at least one answer.
a. 60,000
b. 75%
c. 55%
d. 100,000
e. 70,000
f. 85%
f. 85%

60,000
85%

____ attacks are responsible for half of all malware delivered by Web advertising.
Choose one answer.
a. Melissa
b. Slammer
c. Fake antivirus
d. "Canadian Pharmacy"

Fake antivirus

Choose the statement(s) below that are correct concerning USB drives and attacks.
Choose at least one answer.
a. About one out of every 6 attacks came by USB flash drive devices.
b. As long as you always know where your USB flash drive has been used it is safe from infection.
c. Attackers leave infected USB flash drives in public places, hoping someone will pick them up and insert them into their computers.
d. USB flash drives are inherently safe from attacks due to Universal Serial Bus design.

Attackers leave infected USB flash drives in public places, hoping someone will pick them up and insert them into their computers.

The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security.
Answer:
True
False

True

An information security ____ position focuses on the administration and management of plans, policies, and people.
Choose one answer.
a. manager
b. engineer
c. inspector
d. auditor

manager

____ is text that has no formatting (such as bolding or underlining) applied.
Choose one answer.
a. Simpletext
b. Plaintext
c. Simple text
d. Plain text

Plain text

Symmetric encryption is also called ____ cryptography.
Choose one answer.
a. symmetric key
b. public key
c. shared key
d. private key

private key

The most basic type of cryptographic algorithm is a ____ algorithm.
Choose one answer.
a. block
b. key
c. hash
d. digest

hash

____ was first proposed in the mid-1980s and it uses sloping curves.
Choose one answer.
a. FCC
b. RSA
c. ECC
d. IKE

ECC

____ ensures that the information is correct and no unauthorized person or malicious software has altered that data.
Choose one answer.
a. Integrity
b. Encryption
c. Availability
d. Confidentiality

Integrity

Block ciphers are considered more secure than stream ciphers because they are more random.
Answer:
True
False

True

NTRUEncrypt uses ____ cryptography that relies on a set of points in space.
Choose one answer.
a. linear
b. matrix-based
c. quantum
d. lattice-base

lattice-base

Cryptography is used in the encryption process but not in the steganography process.
Answer:
True
False

True

Select the true statement(s) about public keys.
Choose at least one answer.
a. They use the Diffie-Hellman algorithm
b. They should not be posted publicly on the Internet
c. They are used to encrypt content to be decrypted with the matching private key
d. They automatically create a digital signature to verify the sender is who they claim to be
e. They are used to decrypt content encrypted with the matching private key

They are used to encrypt content to be decrypted with the matching private key
They are used to decrypt content encrypted with the matching private key

The simplest type of stream cipher is a ____ cipher.
Choose one answer.
a. substitution
b. lock
c. loop
d. shift

substitution

Self-encrypting HDD is commonly found in copiers and multifunction printers as well as point-of-sale systems used in government, financial, and medical environments.
Answer:
True
False

True

Select the correct statements regarding stream and block ciphers.
Choose at least one answer.
a. Stream ciphers tend to be slower as the size of the plaintext increases
b. Block ciphers reset the entire document to its original state after processing it
c. Block ciphers can randomize the blocks of plaintext to be encrypted
d. Stream ciphers are less prone to attack

Stream ciphers tend to be slower as the size of the plaintext increases
Block ciphers can randomize the blocks of plaintext to be encrypted

In MD5, the length of a message is padded to ____ bits.
Choose one answer.
a. 64
b. 512
c. 32
d. 128

512

RC6 is used in WEP encryption.
Answer:
True
False

False

An advantage of TPM is that malicious software cannot attack it.
Answer:
True
False

True

The basis for a digital signature rests on the ability of ____ keys to work in both directions.
Choose one answer.
a. asymmetric
b. unique
c. shared
d. symmetric

Asymmetric

EFS uses GPG to encrypt and decrypt files.
Answer:
True
False

False

With most _________ the final step in the process is to combine the cipher stream with the plaintext to create the ciphertext.
Choose one answer.
a. Asymmetric algorithms
b. Symmetric ciphers
c. Quantum cryptography
d. Hash algorithms

Symmetric ciphers

Steganography can use image files, audio files, or even video files to contain hidden information.
Answer:
True
False

True

____ is designed to replace DES.
Choose one answer.
a. Twofish
b. 3DES
c. RSA
d. AES

3DES

____ takes plaintext of any length and creates a hash 128 bits long.
Choose one answer.
a. RSA
b. SHA1
c. MD5
d. MD2

MD2

The ____ is essentially a chip on the motherboard of the computer that provides cryptographic services.
Choose one answer.
a. TPM
b. SCM
c. ODS
d. reference monitor

TPM

A ____ is a number divisible only by itself and 1.
Choose one answer.
a. prime number
b. prime decimal
c. compound number
d. neutral number

prime number

Select the correct statement(s) below concerning PGP and GPG.
Choose at least one answer.
a. None are correct
b. Their keys are interchangable with each other
c. Both are examples of asymmetric encryption
d. They are essentially the same except one is designed primarily for Windows and the other primarily for Linux

None are correct

The algorithm ____ is a block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits.
Choose one answer.
a. RSA
b. AES
c. Blowfish
d. 3DES

Blowfish

____ is a relatively recent cryptographic hash function that has received international recognition and adoption by standards organizations, including the International Organization for Standardization (ISO).
Choose one answer.
a. Twofish
b. Blowfish
c. Rijndal
d. Whirlpool

Twofish

The____ is a symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES.
Choose one answer.
a. 3DES
b. Twofish
c. AES
d. RSA

AES

One of the most famous ancient cryptographers was ____.
Choose one answer.
a. Caesar Augustus
b. Albert Einstein
c. Julius Caesar
d. Isaac Newton

Julius Caesar

____ encryption uses two keys instead of only one and these keys are mathematically related.
Choose one answer.
a. Symmetric
b. Public key
c. Asymmetric
d. Shared

Asymmetric

Most HSMs are PAN-based appliances that can provide services to multiple devices.
Answer:
True
False

False

A hash that is created from a set of data can be reversed.
Answer:
True
False

False

_______ can be used to ensure the integrity of a message or file.
Choose one answer.
a. Metadata
b. Checksum
c. Hashing
d. Stream cipher

Hashing

A ____ cipher rearranges letters without changing them.
Choose one answer.
a. transposition
b. block
c. loop
d. substitution

transposition

The ____ algorithm is the most common asymmetric cryptography algorithm and is the basis for several products.
Choose one answer.
a. Twofish
b. RSA
c. Blowfish
d. AES

RSA

____ attempts to use the unusual and unique behavior of microscopic objects to enable users to securely develop and share keys as well as to detect eavesdropping.
Choose one answer.
a. Symmetric cryptography
b. Analog cryptography
c. Quantum cryptography
d. Reactive cryptography

Quantum cryptography

Cryptography cannot be applied to entire disks.
Answer:
True
False

False

In OAuth, token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.
Answer:
True
False

True

Trusted OSs have been used since the late 1960s, initially for government and military applications.
Answer:
True
False

False

Choose the correct statement regarding keystroke dynamics.
Choose one answer.
a. It is a representation of what you are
b. It is a representation of what you know
c. It is not a very accurate authentication method
d. It is a type of adaptive biometrics

It is a representation of what you are

Today's operating systems have roots dating back 20 or more years, well before security was identified as a critical process.
Answer:
True
False

True

A token uses passwords that are referred to as one time passwords.
Answer:
True
False

True

____ is using a single authentication credential that is shared across multiple networks.
Choose one answer.
a. Access management
b. Authorization management
c. Identity management
d. Risk management

Identity management

Phishing, shoulder surfing, and dumpster diving are examples of what kind of attacks against passwords?
Choose one answer.
a. Rainbow table
b. Social engineering
c. Cracking
d. Capturing

Social engineering

An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a ____.
Choose one answer.
a. reference monitor
b. trusted OS
c. system monitor
d. transaction monitor

trusted OS

Although brute force and dictionary attacks were once the primary tools used by attackers to crack an encrypted password, today attackers usually prefer ____.
Choose one answer.
a. online cracking
b. offline cracking
c. rainbow tables
d. cascade tables

rainbow tables

____ attack is where every possible combination of letters, numbers, and characters is used to create encrypted passwords.
Choose one answer.
a. Known ciphertext
b. Brute force
c. Known plaintext
d. Space division

Brute force

If a user typically accesses his bank's Web site from his home computer on nights and weekends, then this information can be used to establish a ____ of typical access.
Choose one answer.
a. computer footprint
b. system
c. usage map
d. beachhead

computer footprint

Select the advantage(s) below of using rainbow tables.
Choose at least one answer.
a. Reduces amount of memory needed on attacking computer
b. Can be used over and over for cracking passwords
c. All are advantages
d. Faster than dictionary attacks

All are advantages

In 2010, 75% of attacks against Microsoft Office and Internet Explorer would have been prevented if the user had not been logged in as an administrator.
Answer:
True
False

False

It has been found that about 90% of passwords have an ending suffix.
Answer:
True
False

True

Nearly all operating systems and applications accept non-keyboard characters in passwords.
Answer:
True
False

False

Windows Live ID was originally designed as a ____ system that would be used by a wide variety of Web servers.
Choose one answer.
a. liberated identity management
b. distributed identity management
c. federated identity management
d. central identity management

federated identity management

____ is the time it takes for a key to be pressed and then released.
Choose one answer.
a. Dwell time
b. Show time
c. Lead time
d. Sync time

Dwell time

____ is related to the perception, thought process, and understanding of the user.
Choose one answer.
a. Reactive biometrics
b. Affective biometrics
c. Standard biometrics
d. Cognitive biometrics

Cognitive biometrics

A ____ is a secret combination of letters, numbers, and/or characters that only the user should know.
Choose one answer.
a. password
b. challenge
c. token
d. biometric detail

password

The set of letters, symbols, and characters that make up the password are known as a ____ set.
Choose one answer.
a. search
b. problem
c. character
d. result

character

Twenty five percent of passwords can be cracked by combining the following.
Choose at least one answer.
a. 100 common suffixes
b. 5,000 common dictionary words
c. 10, 000 names
d. Database of 1,000 common passwords
e. Phonetic patterns dictionary
f. Substituting characters, such as $ for S

100 common suffixes
Database of 1,000 common passwords

Using a rainbow table to crack a password requires three steps.
Answer:
True
False

False

Passwords provide strong protection.
Answer:
True
False

False

OpenID is an example of a(n) _________ that is a(n) ______ based system.
Choose at least one answer.
a. FIM
b. CAC
c. OTP
d. MFA
e. URL

FIM
URL

The weakness of passwords centers on ____.
Choose one answer.
a. human memory
b. human reliability
c. handshake technology
d. encryption technology

human memory

A(n) ____ can also capture transmissions that contain passwords.
Choose one answer.
a. application analyzer
b. function analyzer
c. protocol analyzer
d. system analyzer

protocol analyzer

It is predicted that ____ could become a key element in authentication in the future.
Choose one answer.
a. reactive biometrics
b. affective biometrics
c. cognitive biometrics
d. standard biometrics

cognitive biometrics

____ holds the promise of reducing the number of usernames and passwords that users must memorize.
Choose one answer.
a. ISO
b. SSL
c. SSO
d. IAM

SSO

To create a rainbow table, each ____ begins with an initial password that is encrypted.
Choose one answer.
a. chain
b. pass
c. block
d. link

chain

Microsoft ____ is a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy.
Choose one answer.
a. CardSpace
b. CAPI
c. CryptoAPI
d. MAPI

CardSpace

____ permits users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site.
Choose one answer.
a. OpenAuth
b. Kerberos
c. OAuth
d. SAML

OAuth

____ accepts spoken words for input as if they had been typed on the keyboard.
Choose one answer.
a. Speech recognition
b. Text recognition
c. Linguistic recognition
d. Speech differentiation

Speech recognition

The ____ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %.
Choose one answer.
a. network replay
b. hash replay
c. hybrid
d. brute force

hybrid

____ can use fingerprints or other unique characteristics of a person's face, hands, or eyes (irises and retinas) to authenticate a user.
Choose one answer.
a. Standard biometrics
b. Affective biometrics
c. Cognitive biometrics
d. Reactive biometrics

Standard biometrics

Due to the limitations of online guessing, most password attacks today use ____.
Choose one answer.
a. hash replay
b. online cracking
c. token replay
d. offline cracking

offline cracking

A user or a process functioning on behalf of the user that attempts to access an object is known as the ____.
Choose one answer.
a. reference monitor
b. subject
c. entity
d. label

subject

A user under Role Based Access Control can be assigned only one ____.
Choose one answer.
a. label
b. group
c. role
d. access list

role

__________ is the process of verifying a persons credentials and determining they are who they claim to be.
Choose one answer.
a. Authorization
b. Access control
c. Authentication
d. Permission

Authentication

____ is often used for managing user access to one or more systems.
Choose one answer.
a. Rule Based Access Control
b. Mandatory Access Control
c. Discretionary Access Control
d. Role Based Access Control

Rule Based Access Control

____ is an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.
Choose one answer.
a. RADIUS
b. Kerberos
c. TACACS
d. FTP

TACACS

The action that is taken by the subject over the object is called a(n) ____.
Choose one answer.
a. access
b. control
c. authorization
d. operation

operation

____ accounts are user accounts that remain active after an employee has left an organization.
Choose one answer.
a. Stale
b. Fragmented
c. Orphaned
d. Active

Orphaned

TACACS+ and RADIUS are designed to support hundreds of remote connections.
Answer:
True
False

False

____________ limits the time an individual is in a position to manipulate security configurations.
Choose one answer.
a. Least privilege
b. Separation of duties
c. Secure time constraints
d. Job rotation

Job rotation

____ requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals.
Choose one answer.
a. Mandatory vacation
b. Job rotation
c. Role reversal
d. Separation of duties

Separation of duties

________ is considered a more "real world" access control than other models.
Choose one answer.
a. Discretionary Access Control
b. Mandatory Access Control
c. Role Based Access Control
d. Rule Based Access Control

Role Based Access Control

The X.500 standard defines a protocol for a client application to access an X.500 directory called ____.
Choose one answer.
a. DAP
b. LDAP
c. DIT
d. DIB

DAP

A shield icon warns users if they attempt to access any feature that requires UAC permission.
Answer:
True
False

True

Authorization and access are viewed as synonymous and in access control, they are the same step.
Answer:
True
False

False

See More

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set