4.3 Given a scenario, implement identity and access management controls. Flashcards

1
Q

Mandatory Access Control

A
Most restrictive
Uses Labels (Secret, Top Secret, FOUO)
2
Q

Discretionary access control

A

Owner Controls

3
Q

Role-based Access control

A
The position/job you have determines your access
On the test: if you see "high turnover", the answer will be role-based.
4
Q

Rule-based Access control

A

Pre-defined security rules determine access.

5
Q

Physical Access control

A

Something that physically stops you from entering a building, room, etc.

6
Q

Smart Cards

A

CAC - Government

PIV - Civilian

7
Q

Biometrics

A

Eyeball, fingerprint

8
Q

Retina Scanner

A

Scans the BACK of the eye

9
Q

Iris Scanner

A

Scans the colored part of the eye

10
Q

HOTP

A

Will not change until someone uses it

11
Q

TOTP

A

Changes at a set time interval regardless of when you use it. Usually changes every 1 minute.

12
Q

IEEE 802.1x

A

Certificate-based authentication

If you see a question about RADIUS and one answer says 802.1X, THAT is the answer.

13
Q

BitLocker

A

Encrypts the entire hard drive; Microsoft only. Only works when you reboot or turn off your computer.

14
Q

EFS

A

Encrypting File System - encrypts just the folders you tell it to.

15
Q

What should you encrypt on a Server?

A

Encrypt sensitive records only, not the entire database.

16
Q

What form of authorization is based on a scheme of attributes or characteristics related to the user, the object, the system, the application, the network, the service, the time of day, or even other subjective environmental concerns?

A. RBAC
B. MAC
C. DAC
D. ABAC

A

D. ABAC

17
Q
What type of biometric error increases as the sensitivity of the device increases?
A. FAR
B. FRR
C. CER
D. False Positive
A

B. FRR

18
Q
Which is the strongest form of password?
A. More than eight characters
B. A password that is used once
C. Static
D. Different types of keyboard characters
A

B. A password that is used once