Question types

Start with

Question limit

of 31 available terms

Advertisement Upgrade to remove ads
Print test

5 Written questions

5 Matching questions

  1. three ways to protect organization network
  2. ring policy
  3. prevention technologies
  4. discretionary access control
  5. authentication methods
  1. a allows any subject to read any object without regard to the object's level of integrity and without lowering the subject's level of integrity (p35)
  2. b access controls, firewalls, encryption
  3. c 1. do nothing- use out-of-the-box software tools 2. host security 3. network security
  4. d an access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have
  5. e providing something you know, something you have , something about you to prove your identity

5 Multiple choice questions

  1. when implementing authorization, the table specifying which portions of the system users are permitted to access and what actions
  2. hardware device used in challenge/response authentication process
  3. process where each side of an electronic communication verifies the authenticity of the other
  4. the use of more than one authentication mechanism at a time
  5. Users only have the minimum set of rights, permissions, and privileges that they need to accomplish their jobs

5 True/False questions

  1. keep it simpleUsers only have the minimum set of rights, permissions, and privileges that they need to accomplish their jobs


  2. role-based access controluser is assigned a set of roles they can perform and roles are assigned access permission necessary to perform tasks associated with the role


  3. mandatory access controla means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity. OS decides if access is granted


  4. digital certificatesprocess used to verify the computer system or network that the individual is who they claim to be, usually through user ID and password


  5. access controlregulates what a user can do on a system