Access Controls Quiz Flashcards

1
Q

Which of the following answers refer(s) to the Mandatory Access Control (MAC) model? (Select all that apply)

A) Users are not allowed to change access policies at their own discretion

B) Labels and clearance levels can only be applied and changed by an administrator

C) Every object has an owner who at his/her own discretion determines what kind of permissions other users can have to that object

D) Access to resources based on user identity

E) Every resource has a sensitivity label matching a clearance level assigned to a user

A

A) Users are not allowed to change access policies at their own discretion

B) Labels and clearance levels can only be applied and changed by an administrator

E) Every resource has a sensitivity label matching a clearance level assigned to a user

2
Q

Discretionary Access Control (DAC) is an access control model based on user identity. In DAC, every object has an owner who at his/her own discretion determines what kind of permissions other users can have for that object.

A) True
B) False

A

A) True

3
Q

Which type of access control model connects user permissions to their specific responsibilities?

A) DAC
B) RBAC
C) MAC
D) ABAC

A

B) RBAC

4
Q

Which access control model allows for defining granular rules that consider user roles, time constraints, and network access restrictions?

A) ABAC
B) MAC
C) RuBAC
D) DAC
E) RBAC

A

C) RuBAC

5
Q

Examples of properties used for defining access policies in the Attribute-Based Access Control (ABAC) model include:

A) Subject (i.e., user or process requesting access)

B) Type of action (for example “read”, “write”, “execute”)

C) Resource type (medical record, bank account etc.)

D) Environment (contextual data, such as time of day or geolocation)

E) All of the above

A

E) All of the above

6
Q

Which access control model defines access control rules with the use of statements that closely resemble natural language?

A) DAC
B) ABAC
C) MAC
D) RBAC

A

B) ABAC

7
Q

Which of the access control models listed below enforces the strictest set of access rules?

A) MAC
B) RBAC
C) DAC
D) ABAC

A

A) MAC

8
Q

Which of the following access control methods would be the most suitable for scheduling system maintenance tasks during periods of low user activity?

A) Resource provisioning
B) Time-of-day restrictions
C) Principle of least privilege
D) Just-in-time permissions

A

B) Time-of-day restrictions

9
Q

The principle of least privilege is a security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities.

A) True
B) False

A

A) True
