Ch 12 Key Terms

Question 1

validate credentials as genuine

authentication

authorization

accounting

identification

Answer 1

authentication

Question 2

a hierarchy based on the labels; i.e. top secret has a higher level than secret

levels

RBAC

DAC

labels

Answer 2

levels

Question 3

provide file system security for protecting files managed by the OS

kerberos

LDAP

ACL

Radius

Answer 3

ACL

Question 4

the process of recognizing and distinguishing the user from any other user

authorization

authentication

identification

accounting

Answer 4

identification

Question 5

most restrictive access control; user has no freedom to set any controls or distribute access

RBAC

ABAC

MAC

DAC

Answer 5

MAC

Question 6

right given to access specific resources

access

authorization

identification

authentication

Answer 6

access

Question 7

an opportunity to audit employees’ activities while they are on vacation

separation of duties

job rotations

mandatory vacations

Permission auditing and review

Answer 7

mandatory vacations

Question 8

the process of periodically revalidating a user’s account, access control and membership role

separation of duties

mandatory vacations

Permission auditing and review

recertification

Answer 8

recertification

Question 9

using MAC model, every entity is an object and is assigned a classification label

labels

levels

DAC

RBAC

Answer 9

labels

Question 10

individuals are periodically moved from one job responsibility to another

separation of duties

job rotation

mandatory vacations

recertification

Answer 10

job rotation

Question 11

providing a framework for controlling access to computer resources

AOC

AAA

ACC

AAC

Answer 11

AAA

Question 12

granting permission to take an action; permission granted for admittance

accounting

identification

authentication

authorization

Answer 12

authorization

Question 13

used for connecting to remote networks; provides port security (802.1x)

Kerboros

LDAP

Radius

ACL

Answer 13

Radius

Question 14

actions to be taken when an employee leaves an enterprise

least privilege

employee offboarding

employee onboarding

recertification

Answer 14

employee offboarding

Question 15

least restrictive; every object has an owner who has total control over that object

MAC

access control model

RBAC

DAC

Answer 15

DAC

Question 16

an authentication system used to verify the identity of networked users

kerberos

LDAP

ACL

Radius

Answer 16

kerberos

Question 17

person responsible for the information

privacy officer

owner

user

custodian

Answer 17

owner

Question 18

allows a user’s login credentials to be stored with a single identity provider

AD

X.500

Radius

SAML

Answer 18

SAML

Question 19

based on user’s job function within an organization

RBAC

DAC

MAC

ABAC

Answer 19

RBAC

Question 20

individual to whom day-to-day actions have been assigned by the owner

privacy officer

custodian

owner

user

Answer 20

custodian

Question 21

an audit process that looks at the apps that the user is provided and how frequently they are used

recertification

Usage auditing and review

Permission auditing and review

job rotations

Answer 21

Usage auditing and review

Question 22

manager who oversees data privacy compliance and manages data risk

owner

privacy officer

user

custodian

Answer 22

privacy officer

Question 23

designed to run over TCP/IP; X.500 Lite

ACL

LDAP

Kerboros

Radius

Answer 23

LDAP

Question 24

rules that have been established for creating account names

Usage auditing and review

job rotations

Permission auditing and review

standard naming conventions

Answer 24

standard naming conventions

Question 25

a record of user actions; to provide an audit trail

authorization

accounting

identification

authentication

Answer 25

accounting