Access Control

Question 1

Implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

Answer 1

Access Control

Question 2

Verification that the credentials of a user or other system entity are valid.

Answer 2

Authentication

Question 3

The granting of a right or permission to a system entity to access a system resource.

Answer 3

Authorization

Question 4

An independent review and examination of system records and activities in order to test for adequacy of system controls, to ensure compliance with established policy and operational procedures, to detect breaches in security, and to recommend any indicated changes in control, policy and procedures.

Answer 4

Audit

Question 5

What are the access control policies?

Answer 5

Discretionary access control (DAC)
Mandatory access control (MAC)
Role-based access control (RBAC)
Attribute-based access control (ABAC)

Question 6

Controls access based on the identity of the requestor and on access rules stating what requestors are allowed to do.

Answer 6

Discretionary access control (DAC)

Question 7

Controls access based on comparing security labels with security clearances.

Answer 7

Mandatory access control (MAC)

Question 8

Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.

Answer 8

Role-based access control (RBAC)

Question 9

Controls access based on attributes of the user, the resource to be accessed, and current environmental conditions.

Answer 9

Attribute-based access control (ABAC)

Question 10

What are the basic elements of access control?

Answer 10

Subject
Object
Access right

Question 11

A _____ is an entity capable of accessing objects.

Answer 11

subject

Question 12

Access control systems typically define three classes of subject, with different access rights for each class. What are they?

Answer 12

Owner - created the file
Group - given access rights as a owner
World - least amount of access granted

Question 13

An _____ is a resource to which access is controlled.

Answer 13

Object

Question 14

An ____ _____ describes the way in which a subject may access an object.

Answer 14

access rights

Question 15

Access rights have multiple privileges, such as:

Answer 15

Read, write, execute, delete, create, search.

Question 16

List users and their permitted access rights.

Answer 16

Access control lists

Question 17

A ____ _____ specifies authorized objects and operations for a particular user.

Answer 17

capability ticket

Question 18

Certain areas of memory are protected from the users’s use and in which certain instructions may not be executed.

Answer 18

user mode

Question 19

Privileged instructions may be executed and in which protected areas of memory may be accessed.

Answer 19

kernel mode

Question 20

What are the entities in an RBAC system.

Answer 20

User
Role
Permission
Session

Question 21

A ______ is a defined relationship among roles or a condition related to roles.

Answer 21

constraint

Question 22

What are the types of constraints?

Answer 22

Mutually exclusive roles
Cardinality
Prerequisite roles

Question 23

______ ____ ____ are roles such that a user can be assigned to only one role in the set.

Answer 23

Mutually exclusive roles

Question 24

What are the properties of mutually exclusive role?

Answer 24

1. A user can only be assigned to one role in the set

2. Any permission can be granted to only one role in the set.

Question 25

_____ refers to setting a maximum number with respect to roles.

Answer 25

Cardinality

Question 26

Dictates that a user can only be assigned to a particular role if it is already assigned to some other specified role.

Answer 26

Prerequisite role

Question 27

What are the three elements to an ABAC model?

Answer 27

Attributes - which are defined for entities in a configuration
Policy model - which defines the ABAC policies
Architecture model - which applies to polices that enforce access control

Question 28

A _______ is a set of rules and relationships that govern allowable behavior within an organization, based on the privileges of subjects and how resources or objects are to be protected under which environment conditions.

Answer 28

policy

Question 29

_______ represent the authorized behavior of a subject

Answer 29

privileges

Question 30

What does ICAM stand for?

Answer 30

Identity, credential access management

Question 31

What is ICAM designed for?

Answer 31

1. Create trusted digital identity representations of individuals and what the ICAM documents refer to as nonperson entities.
2. Bind those identities to credentials that may serve as a proxy for the individual or NPE in access transactions.
3. Use the credentials to provide authorized access to an agency resources.

Question 32

What are the three support elements needed in enterprise-wide access control?

Answer 32

Resource management
Privilege management
Policy management