Chapter 13 – Managing Identity and Authentication Flashcards
1
Q
- Which of the following would not be an asset that an organization would want to protect with access controls?
None of the above
A
None of the above
2
Q
- Which of the following is true related to a subject?
The subject is always the entity that receives information about or data from an object.
A
The subject is always the entity that receives information about or data from an object.
3
Q
- Which of the following types of access control uses fences, security policies, security awareness training, and antivirus software to stop an unwanted or unauthorized activity from occurring?
Preventive
A
Preventive
4
Q
- What type of access controls are hardware or software mechanisms used to manage access to resources and systems, and provide protection for those resources and systems?
Logical/technical
A
Logical/technical
5
Q
- Which of the best expresses the primary goal when controlling access to assets?
Preserve confidentiality, integrity, and availability of systems and data.
A
Preserve confidentiality, integrity, and availability of systems and data.
6
Q
- A user logs in with a login ID and a password. What is the purpose of the login ID?
Identification
A
Identification
7
Q
- Accountability requires all of the following items except one. Which item is not required for accountability?
Authorization
A
Authorization
8
Q
- What can you use to prevent users from rotating between two passwords?
Password history
A
Password history
9
Q
- Which of the following best identifies the benefit of a passphrase?
It is easy to remember.
A
It is easy to remember.
10
Q
- Which of the following is an example of a Type 2 authentication factor?
Something you have
A
Something you have