Terms in this set (12)
Separation of duties is an example of which type of access control?
You want to make sure that any reimbursement checks issued by your company cannot be issued by a single person. Which principle should you implement to accomplish this goal?
Separation of duties
An access control list (ACL) contains a list of users and allowed permissions. What is it called if the ACL automatically prevents access to anyone not on the list?
Which of the following is an example of privilege escalation?
Which security principle prevents any one administrator from having sufficient access to compromise the security of the overall IT solution?
Separation of duties
What is the primary purpose of separation of duties?
Prevent conflicts of interest
Which of the following principles is implemented in a mandatory access control model to determine access to an object using classification levels?
Need to know
You are concerned that the accountant in your organization might have the chance to modify the books and steal from the company. You want to periodically have another person take over all accounting responsibilities to catch any irregularities.
Which type of media preparation is sufficient for media that will be reused in a different security context with your organization?
Need to know is required to access which types of resources?
You want to implement an access control list where only the users you specifically authorize have access to the resource. Anyone not on the list should be prevented from having access.
Explicit allow, implicit deny
By assigning access permissions so that users can only access those resources which are required to accomplish their specific work tasks, you would be in compliance with?
Principle of least privilege
YOU MIGHT ALSO LIKE...
Testout Practice Questions (2.3.4 - 4.10.3)
Security+ 2.4 Access Control Best Practices
OTHER SETS BY THIS CREATOR
Real Estate Ch 15 Terms
Real Estate Ch 16 Terms
Real Estate Ch 18 Terms
Real Estate Ch 17 Terms
THIS SET IS OFTEN IN FOLDERS WITH...
Access Control Models
4.3 Risk Management
Mid1 Chap2 M82