Chapter 12 Flashcards
What is the current version of TACACS?
XTACACS
TACACS+
TACACS v9
TRACACS
TACACS+
How is the Security Assertion Markup Language (SAML) used?
It allows secure web domains to exchange user authentication and authorization data.
It is a backup to a RADIUS server.
It is an authenticator in IEEE 802.1x.
It is no longer used because it has been replaced by LDAP.
It allows secure web domains to exchange user authentication and authorization data.
A RADIUS authentication server requires the ____ to be authenticated first.
authenticator
user
authentication server
supplicant
authenticator
Which of the following is NOT true regarding how an enterprise should handle an orphaned or dormant account?
A formal procedure should be in place for disabling accounts for employees who are dismissed, resign, or retire from the organization.
Access should be ended as soon as the employee is no longer part of the organization.
Logs should be monitored because current employees are sometimes tempted to use an older dormant account instead of their own account.
All orphaned and dormant accounts should be deleted immediately whenever they are discovered.
All orphaned and dormant accounts should be deleted immediately whenever they are discovered.
With the development of IEEE 802.1x port security, what type of authentication server has seen even greater usage?
RADIUS
Lite RDAP
DAP
RDAP
RADIUS
Which of the following is NOT part of the AAA framework?
Authentication
Access
Authorization
Accounting
Access
What is the version of the X.500 standard that runs on a personal computer over TCP/IP?
Lite RDAP
DAP
LDAP
IEEE X.501
LDAP
Raul has been asked to serve as the individual to whom day-to-day actions have been assigned by the owner. What role is Raul taking?
Privacy officer
End user
Custodian
Operator
Custodian (or steward)
Which type of access control model uses predefined rules that makes it flexible?
ABAC
DAC
MAC
Rule-Based Access Control
ABAC (Attribute-Based Access Control)
Which can be used to establish geographical boundaries where a mobile device can and cannot be used?
Location-based policies
Restricted access control policies
Geolocation policies
Mobile device policies
Location-based policies
Which statement about Rule-Based Access Control is true?
It requires that a custodian set all rules.
It is considered obsolete today.
It dynamically assigns roles to subjects based on rules.
It is considered a real-world approach by linking a user’s job function with security.
It is considered obsolete today.
Which of the following would NOT be considered as part of a clean desk policy?
Do not share passwords with other employees.
Lock computer workstations when leaving the office.
Place laptops in a locked filing cabinet.
Keep mass storage devices locked in a drawer when not in use.
Do not share passwords with other employees.
Which of these is a set of permissions that is attached to an object?
Access control list (ACL)
Subject Access Entity (SAE)
Object modifier
Security entry designator
Access control list (ACL)
Which Microsoft Windows feature provides group-based access control for centralized management and configuration of computers and remote users who are using Active Directory?
Windows Registry Settings
AD Management Services (ADMS)
Group Policy
Resource Allocation Entities
Group Policy
What can be used to provide both file system security and database security?
RBASEs
LDAPs
CHAPs
ACLs
ACLs
