Access Control Flashcards
What data structure is used to implement discretionary access control?
a. Linked list
b. 2d matrix
c. Red and black tree
d. Stack
b. 2d matrix
Which of the following is granting permission to a system entity to access a system resource?
a. Authentication
b. Authorization
c. Audit
d. Allowance
e. None of the above
b. Authorization
What kind of relationship is a role to a user in role based access control?
a. 1 to 1
b. 1 to many
c. Many to one
d. Many to many
d. Many to many (a role can have many users, many users can have many roles review chapter 4, page 146 and chapter 27)
T/F: Access control implements a security policy that verifies the credentials of a user
False (page 107)
Which entities and functions form access control?
Authentication, Authorization, and Audit
Define Authentication
Verification that the credentials of a user or other system entity are valid
Define Authorization
The granting of a right or permission to a system entity to access a system resource. This function determines who is trusted for a given purpose.
Define Audit
An independent review and examination of system records and activities in order to test for adequacy of system controls, to ensure compliance with established policy and operational procedures, to detect breaches in security, and to recommend any indicated changes in control, policy, and procedures
This policy controls access based on the identity of the requestor and on access rules (authorizations) stating what requestors are (or are not) allowed to do. This policy is termed [ ] because an entity might have access rights that permit the entity, by its own volition, to enable another entity to access some resource.
a. Mandatory Access Control (MAC)
b. Attribute Based Access Control (ABAC)
c. Discretionary Access Control (DAC)
d. Role Based Access Control (RBAC)
c. Discretionary Access Control (DAC)
This policy controls access based on comparing security labels (which indicate how sensitive or critical system resources are) with security clearances (which indicate system entities are eligible to access certain resources). This policy is termed [ ] because an entity that has clearance to access a resources may not, just by its own volition, enable another entity to access that resource
a. Mandatory Access Control (MAC)
b. Attribute Based Access Control (ABAC)
c. Discretionary Access Control (DAC)
d. Role Based Access Control (RBAC)
a. Mandatory Access Control (MAC)
This policy controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.
a. Mandatory Access Control (MAC)
b. Attribute Based Access Control (ABAC)
c. Discretionary Access Control (DAC)
d. Role Based Access Control (RBAC)
d. Role Based Access Control (RBAC)
This policy controls access based on attributes of the user, the resource to be accessed, and current environmental conditions
a. Mandatory Access Control (MAC)
b. Attribute Based Access Control (ABAC)
c. Discretionary Access Control (DAC)
d. Role Based Access Control (RBAC)
b. Attribute Based Access Control (ABAC)
Which of the following is an entity capable of accessing objects. Generally, the concept of [ ] equates with that of process.
a. Subject
b. Object
c. Access Right
d. Access Matrix
a. Subject
Which of the three classes of subject have the least amount of access granted to users who are able to access the system but are not included in the categories owner and group for this resource
a. Owner
b. Group
c. World
c. World
Which of the three classes of subject may be the creator of a resource, such as a file? For system resources [ ] may belong to a system administrator. For project resources, a project administrator or leader may be assigned [ ].
a. Owner
b. Group
c. World
a. Owner
Which of the three classes of subject is described as: a named group of users may also be granted access rights, such that membership in the group is sufficient to exercise these access rights.
a. Owner
b. Group
c. World
b. Group
Which of the following is a recourse to which access is controlled? A [ ] is an entity used to contain and/or receive information. Examples include records, blocks, pages, segments, files, portions of files, directories, directory trees, mailboxes, messages and programs.
a. Subject
b. Object
c. Access Right
d. Access Matrix
b. Object
Which of the following described the way in which a subject may access an object?
a. Access Matrix
b. Capability List
c. Capability Matrix
d. Access Right
d. Access Right
This access right allows a user to view information in a system or resource. It includes the ability to copy or print.
a. Search
b. Execute
c. Read
d. Write
e. Delete
f. Create
c. Read
This access right allows a user to list the files in a directory or otherwise find the directory.
a. Search
b. Execute
c. Read
d. Write
e. Delete
f. Create
a. Search
This access right allows a user to create new files, records, or fields
a. Search
b. Execute
c. Read
d. Write
e. Delete
f. Create
f. Create
This access right allows a user to add, modify, or delete data in a system resource. It includes read access.
a. Search
b. Execute
c. Read
d. Write
e. Delete
f. Create
d. Write
This access right allows a user to delete certain system resources such as files or records
a. Search
b. Execute
c. Read
d. Write
e. Delete
f. Create
e. Delete (duh)
This access right allows a user to execute specified programs
a. Search
b. Execute
c. Read
d. Write
e. Delete
f. Create
b. Execute
What is the general approach to Discretionary Access Control (DAC) as exercised by an operating system or a database management system?
a. Access Control List
b. Access Matrix
c. Capability Control Matrix
d. Capability List
b. Access Matrix
What are the two dimensions of an access matrix?
One dimension of the matrix consists of identified subjects that may attempt data access to the resources (individual users or user groups)
The other dimension lists the objects that may be accessed. Objects may be individual data fields or records, files or databases
Key is that each entry in the matrix indicates the access rights of a particular subject for a particular object
Name and describe the two ways access control matrices can be decomposed
Access Control Lists (ACLs): for each object, an ACL lists users and their permitted access rights
Capability Tickets: specifies authorized objects and operations for a particular user. Each user has a number of tickets and may be authorized to load or give them to others
The universe of objects can be extended in multiple ways. One way is through _____ which are: access rights include the ability to delete, stop/block, and wake these up.
a. Processes
b. Devices
c. Memory Locations or Regions
d. Subjects
a. Processes
The universe of objects can be extended in multiple ways. One way is through _____ which are: access rights include the ability to read/write, control operation of, and block/unblock these for use.
a. Processes
b. Devices
c. Memory Locations or Regions
d. Subjects
b. Devices
The universe of objects can be extended in multiple ways. One way is through _____ which are: access rights include the ability to read/write these. They are protected such that the default is to disallow access
a. Processes
b. Devices
c. Memory Locations or Regions
d. Subjects
c. Memory Locations or Regions
The universe of objects can be extended in multiple ways. One way is through _____ which are: access rights with respect to these have to do with the ability to grant or delete access rights of them to other objects
a. Processes
b. Devices
c. Memory Locations or Regions
d. Subjects
d. Subjects
Explain the meaning of inode in the UNIX file administration system
Is a control structure that contains the key information needed by the operating system for a particular file.
Several file names may be associated with a single inode, but an active inode is associated with exactly one file, and each file is controlled by exactly one inode.
There are four entities in an RBAC system. This one is an individual that has access to his computer system. Each individual has an associated user IDF
a. User
b. Role
c. Permission
d. Session
a. User
There are four entities in an RBAC system. This one is a named job function within the organization that controls this computer system. Typically, associated with each [ ] is a description of the authority and responsibility conferred to it, and on any user who assumes this [ ]
a. User
b. Role
c. Permission
d. Session
b. Role
There are four entities in an RBAC system. This one is an approval of a particular mode of access to one or more objects. Equivalent terms are access right, privilege, and authorization
a. User
b. Role
c. Permission
d. Session
c. Permission
There are four entities in an RBAC system. This one is a mapping between a user and an activated subset of the set of roles to which the user is assigned
a. User
b. Role
c. Permission
d. Session
d. Session
Constraints provide a means of adapting RBAC to the specifics of administrative and security policies in an organization. A constraint is a defined relationship among roles or a condition related to roles.
This RBAC constraint refers to setting a maximum number with respect to roles. One such constraint is to set a maximum number of users that can be assigned to a given role.
a. Mutually Exclusive Roles
b. Cardinality
c. Prerequisite Roles
b. Cardinality
Constraints provide a means of adapting RBAC to the specifics of administrative and security policies in an organization. A constraint is a defined relationship among roles or a condition related to roles.
This RBAC constraint refers to roles such that a user can be assigned to only one role in the set
a. Mutually Exclusive Roles
b. Cardinality
c. Prerequisite Roles
a. Mutually Exclusive Roles
Constraints provide a means of adapting RBAC to the specifics of administrative and security policies in an organization. A constraint is a defined relationship among roles or a condition related to roles.
This RBAC constraint refers to dictating a user can only be assigned to a particular role if it is already assigned to some other specified role.
a. Mutually Exclusive Roles
b. Cardinality
c. Prerequisite Roles
c. Prerequisite Roles
T/F: The main obstacle to adoption of ABAC is the concern about the performance impact. Its evaluation is predicated on both resource and user properties for each access.
True
What are the 3 key elements to an ABAC model?
Attributes: defined for entities in a configuration
Policy Model: defines the ABAC policies
Architecture Model: applies to policies which enforce access control
There are three types of attributes for ABAC Model. This one is defined as: an active entity (e.g. a user, an application, a process, or a device) which causes information to flow among objects or changes the system state
a. Subject Attributes
b. Object Attributes
c. Environmental Attributes
a. Subject Attributes
There are three types of attributes for ABAC Model. This one is defined as: a resource. Is a passive information system-related entity (e.g. devices, files, records, tables, processes, programs, networks, domains) containing or receiving information
a. Subject Attributes
b. Object Attributes
c. Environmental Attributes
b. Object Attributes
There are three types of attributes for ABAC Model. This one is defined as: the operational, technical, and even situational environment or context in which the information access occurs.
a. Subject Attributes
b. Object Attributes
c. Environmental Attributes
c. Environmental Attributes
T/F: Privileges in ABAC are a set of rules and relationships which govern allowable behavior within an organization, based on the privileges of subjects and how resources or objects are to be protected under which environment conditions.
False. Defined is a policy in ABAC.
T/F: Policy in ABAC represent the authorized behavior of a subject (also called rights, authorizations, or entitlements).
False. This is the definition for privileges in ABAC
This is a comprehensive approach to managing and implementing digital identities, credentials, and access control.
a. ICAM
b. Identity Management
c. RBAC
d. Privilege Management
a. ICAM (Identity, Credential, and Access Management)
This is concerned with assigning attributes to a digital identity and connecting that digital identity to an individual or NPE. The goal is to establish a trustworthy digital identity that is independent of a specific application or context.
a. ICAM
b. Identity Management
c. RBAC
d. Privilege Management
b. Identity Management
List the elements of identity lifecycle management.
a. Mechanisms, policies, procedures for protecting PII
b. Controlling access to identity data
c. Techniques for sharing authoritative identity data with applications which need it
d. Revocation of an enterprise identity
This is an object or data structure which authoritatively binds an identity to a token possessed and controlled by a subscriber
a. Privilege
b. User
c. Role
d. Credential
d. Credential
There are three supporting elements which are needed for an enterprise-wide access control facility. This one is the element concerned with defining rules for a resource which requires access control.
a. Resource Management
b. Privilege Management
c. Policy Management
a. Resource Management
There are three supporting elements which are needed for an enterprise-wide access control facility. This one is the element concerned with establishing and maintaining the entitlement attributes that comprise an individual’s access profile.
a. Resource Management
b. Privilege Management
c. Policy Management
b. Privilege Management
There are three supporting elements which are needed for an enterprise-wide access control facility. This one is the element concerned with governing what is allowable and not allowed in an access transaction.
a. Resource Management
b. Privilege Management
c. Policy Management
c. Policy Management
Multiple Selection: What are the requirements of a trusted computing base (TCB)?
a. User Experience
b. Tamper Proof
c. Reliability
d. Complete Mediation
e. Correctness
b. Tamper-Proof: untrusted code should not be able to tamper with code or data which make up the TCB
d. Complete Mediation: TCB must be a reference monitor. Every reference from a resource that needs to be protected must go through the TCB. There should be no way to bypass this.
e. Correctness: since we put all our trust in the TCB, it must be correct.
Which Type of control is based on the identity of the requestor and the access rules state what a requestor can or cannot do?
A) Mandatory Access Control (MAC)
B) Role-based access control (RBAC)
C) Discretionary access control (DAC)
D) Attribute-based access control (ABAC)
Answer C
This policy is termed discretionary because an entity might have access rights that permit the entity, by its own volition, to enable another entity to access some resource.
Source: Book Chapter 4.2 Page 131
T/F: Access Control Lists make it easy to look up who all the users are that can access a resource, and the type of access they have for that resource.
Answer True
Source: Book Chapter 4.3 Page 111
What does each entry of an access matrix indicate?
A. Access rights of a particular object for a particular subject.
B. Access rights of a particular subject for a particular object.
C. Access rights of a particular subject for a particular directory.
D. Access rights of a particular object for a particular group.
Answer B
Source: Book pg. 111
T/F: DAC is a concept that evolved out of requirements for military information security.
Answer False
DAC is the traditional method for implementing access control, MAC was created out of military necessity.
Source: Book, Ch 4, Pg. 109
T/F: One problem with DAC is that it is not possible to control information flow.
Answer True
Source: Mandatory Access Control Lecture
T/F: DAC is popular with corporations because it reflects how they treat their data.
Answer False
Employers mandate explicit policies on who can share what.
Source: Mandatory Access Control Lecture
An access control mechanism mediates between a user (or a process executing on behalf of a user) and system resources, such as:
a) firewalls
b) routers
c) applications
d) a & b only
f) All of the above
f) All of the above
ch. 4, p. 108 of text
Which of the following is granting permission to a system entity to access a system resource?
A) Authentication B) Authorization C) Audit D) Allowance E) None of the Above
Answer B
Authorization determines who is trusted for a given purpose
Source: Book Chapter 4.1 Page
130
T/F: Access control implements a security policy that verifies the credentials of a user.
Answer False.
Access control implements a security policy that specifies who or what may have access to each specific system resource, and the type of access that is permitted in each instance.
Source: Book pg. 107
Under Mandatory Access Control (MAC), what two properties provide confidentiality:
A) Read Up, Write Down
B) No Read Up, No Write Down
C) Read Up, No Write Down
D) No Read Up, Write Down
Answer B) No Read Up, No Write Down
No read up: A subject can only read an object of less or equal security level
No write down: A subject can only write into an object of greater or equal security level.
ch. 27, p. 27-2 text
T/F: A subject is said to have a security clearance of a given level and an object is said to have a security classification of a given level.
Answer True
Source: Book Chapter 27 Page 27-4
For the Bell-Lapadula Model (BLP), the properties needed for the confidentiality form of MAC are:
- ds-property and *-property
- ss-property and *-property
- ss-property and ds-property
- None of the above
Answer 2. (Chapter 27.1)
ss-property (simple security property): no read up
*-property (star property): no write down
The ds-property is a provision made by BLP for DAC but must be consistent with MAC rules.
T/F: Other MAC models such as Bell and La Padua (BLP Model) is focused on Integrity, and BIBA model is focused on Confidentiality.
Answer False
BLP focuses on Confidentiality and BIBA focuses on Integrity
Source: P1:L6 MAC slides | Other MAC models
T/F: Examples of BLP model classifications are High, Medium, and Low.
Answer False. Examples are Top Secret, Secret, Confidential
Source: P1:L6 MAC slides | Other MAC models
T/F: MAC cannot be employed with other access control policies, such as DAC, RBAC, and ABAC.
Answer False
All four access policies (DAC, MAC, RBAC, and ABAC) are not mutually exclusive
Source: Book, Ch. 4, Pg. 109
______ is based on the roles that users assume in a system rather than a user’s identity.
A. DAC
B. MAC
C. RBAC
D. ABAC
Answer C
Source: Book pg. 120
What aspect of an established RBAC system is likely to change infrequently?
A) The set of resources and the specific access rights associated with a particular role. B) The set of roles in the system. C) The set of users. D) A & B E) None of the above.
Answer D
Source: Book. Ch 4, Pg 120
The RBAC prerequisite role can be used for the following:
A) A way to increase the difficulty of collusion among individuals of different skills or divergent job functions to thwart security policies.
B) For structuring the implementation of the least privilege concept.
C) As a risk mitigation technique for a sensitive or powerful permission.
D) None of the above
Answer B
Source: Book, Ch 4, Pg 125
How does ABAC model controls access?
ABAC evaluates attributes of subject/object and access control rule defining allowable operation in a given environment
Source: book p. 127
In the Attribute-Based Access Control (ABAC) model: current date and time, the current virus/hacker activities, and the network’s security level are known as ____
A) Object attributes B) Subjects attributes C) Environment attributes D) Access Right E) None of the Above
Answer C
environments describe the operational, technical, and even situational environment or context in which the information access occurs
Source: Book Chapter 4.6 Page 149
In a(n) _____ model, authorizations can be defined that express conditions on properties of both the resource and the subject.
A. DAC
B. MAC
C. RBAC
D. ABAC
Answer D
Source: Book pg. 126
The strength of the ABAC approach is its ________ and ________.
A. strictness, performance
B. flexibility, expressive power
C. extensibility, ease of use
D. None of the above
Answer B
Source: Book pg. 126
T/F: Access Control Lists may have default entry that should always follow the rule of least privilege
Answer True
Source: book p.111
T/F: The columns of an Access Control Matrix are Access Control Lists.
Answer True
The matrix may be decomposed by columns, yielding access control lists (ACLs) (see Figure 4.2b). Decomposition by rows yields capability lists (see Figure 4.2c).
Source: Book chapter 4.3 page 133
In Unix, a user (U) can run with the permission of the file creator (C) under what condition(s)?
a) U has execute privileges
b) C has read, write, and execute permissions
c) Set User ID
d) Set Group ID
e) a & c
f) all of the above
Answer E
Multiple Choice: What contents exist inside of a file’s inode?
a) Environmental Variables
b) Answer Owner ID
c) Group ID
d) User ID
e) 12 protection bits
Answer b), c), e)
What is an inode (index node)?
A.) An inode is part of a linked list design for memory storage
B.) An inode is a special directory only to bee seen by root
C.) An inode is a control structure that contains information needed by the OS for a file.
D.) An inode is a user permission for a given user group.
Answer C
Page 117
T/F: An inode contains all information about a file.
Answer False
inode’s don’t contain the file name and actual data
The concept of inheritance enables one role to implicitly include access rights associated with a subordinate role. What role-based access control makes use of this concept?
Answer: Role Hierarchy
Source: book p.124
What is the initial requirement for performing user authentication?
A.) User must be registered within the system.
B.) A token must be verified
C.) A digital signature needs to be authenticated
D.) A multi factor system has to be in place
Answer A
Page 65
What are examples of static vs dynamic biometric recognition?
A.) Dynamic biometric could be a fingerprint and Static could be a voice pattern
B.) Dynamic can be face recognition and static could be fingerprint
C.) Dynamic is when you have an electronic keycard and static is a fingerprint
D.) Static biometric is a fingerprint and dynamic biometric is a voice pattern
Answer D
Page 66
The means for authenticating a user can be summarized in general terms by four things. What are the four things?
A.) Something the user knows, possesses, is and does.
B.) Something the user knows, possesses, is and wants
C.) Something the user can see, knows, wants and doesn’t have
D.) something the user knows, is, wants and does
Answer A
Page 66
Bad person Eve walks up to the system and says she is Alice, and successfully logs in as Alice. This authentication outcome is a:
A.) False negative
B.) False positive
Answer B
P1:L4 Authentication (Authentication Goals video slide)
A ________ is a set of programs installed on a system to maintain covert access to that system with administrator or root privileges, while hiding evidence of its presence to the greatest extent possible
Answer Rootkit
Source: Book Page 212
A rootkit can be classified into which of the following characteristics:
A.) Persistent B.) Memory Based C.) User Mode D.) Kernel Mode E.) Virtual Machine based F.) External Mode G.) All of the above
Answer G
Source: Book page 312
A rootkit can be classified into _______ this is when the rootkit intercepts calls to APIs and modifies the returned results.
A.) Memory based
B.) User Mode
C.) Kernel Mode
D.) External mode
Answer B.) User Mode
Source Book page 212
What type of rootkit can not survive a reboot and why not?
A.) Kernel Mode and because there is no user intervention
B.) Persistent and because the firewall flushes the rootkit out
C.) Memory based and there is no persistent code
D.) External Mode and because it is located in the BIOS
Answer C
Page 212: The book says “Memory based rootkits have no persistent code and therefore can not survive a reboot”
Which of the following are valid defenses against Client Attacks on a user authentication system?
I. Use passwords and pins with high entropy
II. Protect the password database
III. Implement a challenge-response protocol
IV. Limit authentication attempts
a. I and II
b. I and IV
c. II and IV
d. II and III
e. I, II, and IV
Answer: B (I and IV)
T/F: The three A’s of access control are Authentication, Authorization, and Allowance
False. Third “A” is Audit
