15 terms

Testout LabSim Security Pro, 2.1 Exam


Which is the star property of Bell-LaPadula?

A. No read up
B. No read down
C. No write up
D. No write down
D. No write down
The Clark-Wilson model is primarily based on?

A. A directed graph
B. Controlled intermediary access applications
C. Dynamic access controls
D. A matrix
B. Controlled intermediary access applications

Clark-Wilson model is primarily based on controlled intermediary access applications that prevent direct access to the back-end database.
The Brewer-Nash model is designed primarily to prevent?

A. False acceptance
B. DDOS
C. Inference attacks
D. Conflicts of interest
D. Conflicts of interest

Brewer-Nash model is designed primarily to prevent conflicts of interest by dynamically adjusting access based on current activity.
Discretionary Access Control (DAC) manages access to resources using what primary element or aspect?

A. Rules
B. Age
C. Identity
D. Classification
C. Identity

DAC manages access to resources using identity (user accounts). It is the most common type of access control. Managing access by identity means you grant the ability to access resources and perform actions based on who a person is. The most common means to log into a DAC environment is a username and password.
What role of access control is based on job descriptions?

A. Role-based access control RBAC
B. Mandatory access control MAC
C. Location based access control LBAC
D. Discretionary access control DAC
A. Role-based access control RBAC

RBAC is based on job descriptions.
Which form of access control enforces security based on user identities and allows individual users to define access controls over owned resources?

A. Role-based access control RBAC
B. Mandatory access control MAC
C. Discretionary access control DAC
D. Task-based access control TBAC
C. Discretionary access control DAC

DAC uses identities to control resource access. Users can make their own decisions about the access to grant other users.
Which type of access control focuses on assigning privileges based on security clearance and data sensitivity?

A. Discretionary access control DAC
B. Mandatory access control MAC
C. Task-based access control TBAC
D. Role-based access control RBAC
B. Mandatory access control MAC

MAC uses classifications to assign privileges based on security clearances and data sensitivity.
In which form of access control environment is access controlled by rules rather than by identity?

A. Most client-server environments
B. ACL
C. Mandatory access control MAC
D. Discretionary access control DAC
C. Mandatory access control MAC

MAC environment controls access based on rules rather than by identity.
You have implemented an access control method that allows only users who are managers to access specific data. Which type of access control model is used?

A. DACL
B. Discretionary access control DAC
C. Mandatory access control MAC
D. Role-based access control RBAC
D. Role-based access control RBAC

Role-based access control RBAC allows access based on a role in an organization, not individual users. Roles are defined based on job description or a security access level.
Users are made members of a role, and receive the permissions assigned to the role.
You have a system that allows the owner of a file to identify users and their permissions to the file. Which type of access control model is implemented?

A. Role-based access control RBAC (Roles)
B. Role-based access control RBAC (Rules)
C. Mandatory access control MAC
D. Discretionary access control DAC
D. Discretionary access control DAC

This is an example of a discretionary access control list (DACL), which uses the Discretionary Access Control (DAC) model. With DAC, individuals use their own discretion (decisions/preferences) for assigning permissions and allowing or denying access.
Which of the following is the term for the process of validating a subject's identity?

A. Authentication
B. Auditioning
C. Authorization
D. Identification
A. Authentication

Authentication is the process of validating a subject's identity. It includes the identification process, the user providing input to prove identity, and the system accepting that input as valid.
Which of the following is used for identification?

A. Password
B. Cognitive question
C. PIN
D. Username
D. Username

Identification is the initial process of confirming the identity of a user requesting credentials and occurs when a user types in a user ID to log on. Username is used for identification, while a password, PIN, or some other cognitive information is used for authentication.
A remote access user needs to gain access to resources on the server. Which of the processes are performed by the remote access server to control access to resources?

A. Identity proofing and authentication
B. Authorization and accounting
C. Identity proofing and authorization
D. Authentication and accounting
E. Authentication and authorization
E. Authentication and authorization

Authentication: Process of proving identity. After devices agree on the authentication protocol to use, the logon credentials are exchanged and logon is allowed/denied.

Authorization: Process of identifying resources that a user can access over the remote access connection. Controlled through the use of network policies (remote access policies) as well as access control lists.
Which of the following defines an object as used in access control?

A. Data, applications, systems, networks, physical space.
B. Policies, procedures, technologies implemented within system.
C. Users, applications, processes that need to be given access.
D. Resources, policies, and systems.
A. Data, applications, systems, networks, physical space.

Objects are the data, applications, systems, networks, and physical space.
Which access control model manages rights and permissions based on job descriptions and responsibilities?

A. Task based access control TBAC
B. Role based access control RBAC
C. Discretionary access control DAC
D. Mandatory access control MAC
B. Role based access control RBAC

RBAC is the access control model that manages rights/permissions based on job description. RBAC focuses on job description/work tasks, instead of employing user accounts to define access. It is best suited for environments that have a high rate of employee turnover. Defining access based on roles rather than individuals simplifies administration when granting a new person access to common activities.