NAME

Question types


Start with


Question limit

of 31 available terms

Advertisement Upgrade to remove ads
Print test

5 Written questions

5 Matching questions

  1. prevention technologies
  2. mandatory access control
  3. keep it simple
  4. ring policy
  5. network security
  1. a allows any subject to read any object without regard to the object's level of integrity and without lowering the subject's level of integrity (p35)
  2. b control access to internal computers from external entities
  3. c a means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity. OS decides if access is granted
  4. d access controls, firewalls, encryption
  5. e if the mechanism is overly complex, identifying the root of the problem may be overwhelming if not impossible. also eliminate nonessential services and protocols

5 Multiple choice questions

  1. making different layers of security dissimilar so that even if attackers know how to get through a system made up of one layer, they may not know how to get through a different type of layer. also use different vendor products
  2. Bell-LaPadula security principle that states a subject can write to an object if its security classification is less than or equal to the object's security classification (p34)
  3. confirms that a message did indeed come from where it says it comes from
  4. the approach of protecting something by hiding it
  5. providing something you know, something you have , something about you to prove your identity

5 True/False questions

  1. tokennetwork authentication protocol designed for client/server environment that issues tickets by an authentication server that is trusted by the client and the server the client wishes to access

          

  2. multifactorprocess used to verify the computer system or network that the individual is who they claim to be, usually through user ID and password

          

  3. simple security ruleBell-LaPadula security principle that states no subject can read information from an object with a security classification higher than the subject itself (p34)

          

  4. kerberosnetwork authentication protocol designed for client/server environment that issues tickets by an authentication server that is trusted by the client and the server the client wishes to access

          

  5. three ways to protect organization network1. do nothing- use out-of-the-box software tools 2. host security 3. network security