
5 Written questions

5 Matching questions

  1. access control
  2. simple security rule
  3. response technologies
  4. diversity of defense
  5. operational model of computer security
  a. protection = prevention + (detection + response)
  b. making different layers of security dissimilar so that even if attackers know how to get through a system made up of one layer, they may not know how to get through a different type of layer. also use different vendor products
  c. backups, incident response teams, computer forensics
  d. Bell-LaPadula security principle that states no subject can read information from an object with a security classification higher than the subject itself (p34)
  e. regulates what a user can do on a system

5 Multiple choice questions

  1. redundancy of different protection layers ensures there is no single point of failure pertaining to security
  2. provides authentication across a point-to-point link using Point-to-Point Protocol (PPP), also known as a three-way handshake
  3. process used to verify to the computer system or network that the individual is who they claim to be, usually through user ID and password
  4. if the mechanism is overly complex, identifying the root of the problem may be overwhelming if not impossible. also eliminate nonessential services and protocols
  5. allows any subject to read any object without regard to the object's level of integrity and without lowering the subject's level of integrity (p35)

5 True/False questions

  1. least privilege: Users only have the minimum set of rights, permissions, and privileges that they need to accomplish their jobs

  2. mandatory access control: an access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have

  3. access control matrix: when implementing authorization, the table specifying which portions of the system users are permitted to access and what actions

  4. digital certificates: process used to verify to the computer system or network that the individual is who they claim to be, usually through user ID and password

  5. integrity levels: indicates the level of "trust" that can be placed in information at the different levels, and limit modification as opposed to the flow of information (p35)