Access Control

Question 1

Name three types of access controls.

Answer 1

Administrative, Technical and Physical

Question 2

Name an Administrative Control

Answer 2

Policy, Training, Awareness

Question 3

Name a Technical Control

Answer 3

What you find on a computer

Question 4

Name a physical control

Answer 4

Doors, Locks, Guards, Dogs

Question 5

Name control types in order

Answer 5

Preventive, deterrent, corrective, detective, recover, compensating and directive

Question 6

Name Authentication Components

Answer 6

Biometrics, Passwords, Token Devices, Memory Cards, Smart Cards, Cryptographic Keys

Question 7

What is Discretionary Access Control (DAC)

Answer 7

dddd

Question 8

Name the components of the CIA Triad

Answer 8

Confidentiality, Integrity, Availablity

Question 9

What is a table of Subjects, Objects and permissible actions?

Answer 9

Access Control Matrix

Question 10

What are small credit size items used for entry access sometimes shaped like a calculator?

Answer 10

Tokens

Question 11

A series of numbers, used in confidentially by a user to verify their identity is?

Answer 11

PIN

Question 12

What type of attack is most effective against passwords?

Answer 12

Brute-Force and Dictionary Attack

Question 13

Which model give complete control of data, based on the level of access given to a specific user?

Answer 13

Mandatory Access Control

Question 14

Access control is classified as which kind of Mechanism

Answer 14

Preventive

Question 15

The first step in any access control is?

Answer 15

Identification

Question 16

What authentication system requires two factors out of three, it is said to be using?

Answer 16

Two-Factor Authentication

Question 17

What is the best way to destroy data?

Answer 17

Degauss then destroy

Question 18

What is an active entity that request access to an object or data

Answer 18

Subject

Question 19

What is a passive entity that contains info or data?

Answer 19

Oject

Question 20

What is the ability of a subject to do something such as read, write, create, execute?

Answer 20

Access

Question 21

What is a security feature that controls how subjects objects interact with each other?

Answer 21

Access Control

Question 22

What grants access to resources based on a criteria list

Answer 22

Authorization

Question 23

What is the requirement of having two of the three factors of authentication?

Answer 23

Strong Authentication (Two-Factor)

Question 24

What happens when a user or administrator has more privileges than they need for the security of the system

Answer 24

Excessive Privelege

Question 25

What is the basic authentication process?

Answer 25

Identification (Something you know - Password)
Authentication (Something you are - Biometrics)
Authorization (Something you physically have - Cards

Question 26

What is a secret value in possession by one person?

Answer 26

A Private Key

Question 27

What does one use to prove one’s identity?

Answer 27

A private key or digital signature

Question 28

What is a digital signature?

Answer 28

encrypting a hash value with the private key

Question 29

What is more secure than passwords?

Answer 29

Digital Signatures

Question 30

What is a sequence characters that when typed software transforms them into a virtual password

Answer 30

Passphrases