chaps 5-10 study for final

Question 1

what is AAA?

Answer 1

AAA= Authentication, Authorization, Aditing

Question 2

what is RBAC?

Answer 2

RBAC= role based access control: each role such as managers, employees etc. get parameters for access instead of using a user-access control method. -easier to cover more people.

Question 3

Mandatory access control?

Answer 3

no ability to change rules

Question 4

Discretionary Access Control

Answer 4

departments are allowed to alter rules

Question 5

are automated password resets good and are they safe? y or y not?

Answer 5

no not safe, can social engineer for authentication information then pretend to be real employee to reset pword for personal gain.

Question 6

TGT

Answer 6

Ticket granting Ticket: similar to a wrist band, allows communication to continue without re-authenticating

Question 7

directory servers do what?

Answer 7

store info for security and employee contacts

Question 8

LDAP?

Answer 8

Lightweight Directory Access Protocol: governs communication between directory servers and devices, including authentication servers.

Question 9

AD?

Answer 9

microsoft organized directories

Question 10

domain controller used or what?

Answer 10

controls the resources in a domain and is used allong with an AD active directory

Question 11

what is trust when it comes to directory servers?

Answer 11

bi-directional (mutual)
-one way
Transitive: can trust others by learning from trusted servers.
Intransive: will not trust others, even when learned from trusted servers.

Question 12

what is a metadirectory server?

Answer 12

connects several directory servers together.

Question 13

how does one in security think about trust?

Answer 13

not as how much to trust but instead in terms of risk reduction or levels of risk.

Question 14

In CobiT, entry must be ________.

justified
logged
Both justified and logged
Neither justified nor logged

Answer 14

Both justified and logged

Question 15

The book recommends that passwords be at least ________ characters long.

Answer 15

8

Question 16

Compared to access control based on individual accounts, RBAC is ________.
less prone to error
more expensive
Both less prone to error and more expensive
Neither less prone to error nor more expensive

Answer 16

less prone to error

Question 17

Which of the following is one of the four bases for authentication credentials?
Both What you know and What you have
Neither What you know nor What you have
What you know
What you have

Answer 17

Both What you know and What you have

Question 18

A ________ card stores authentication data.

magnetic stripe
smart
Both magnetic stripe and smart
Neither magnetic stripe nor smart

Answer 18

Both magnetic stripe and smart

Question 19

if a provable attack packet is detected by firewall what happens?

Answer 19

it gets dropped.. drops packet

Question 20

what is ingress filtering?

Answer 20

firewall examines packets entering the network from the outside.

Question 21

what is egress filtering?

Answer 21

firewall scans ip packets that are leaving the network.

Question 22

if a firewall becomes overloaded with traffic what does it do with packets?

Answer 22

drops packets it can not process.