Chapter 14 – Controlling and Monitoring Access Flashcards

1
Q
Which of the following best describes an implicit deny principle?
A

All actions that are expressly allowed are denied.

2
Q
What is the intent of least privilege?
A

Enforce the most restrictive rights required by users to complete assigned tasks.

3
Q
A table includes multiple objects and subjects and it identifies the specific access each subject has to different objects. What is this table?
A

Access control matrix

4
Q
What type of access controls are hardware or software mechanisms used to manage access to resources and systems, and provide protection for those resources and systems?
A

The data custodian

5
Q
Which of the following models is also known as an identity-based access control model?
A

DAC

6
Q
A central authority determines which files a user can access. Which of the following best describes this?
A

Nondiscretionary access control model

7
Q
A central authority determines which files a user can access based on the organization’s hierarchy. Which of the following best describes this?
A

RBAC model

8
Q
Which of the following statements is true related to the RBAC model?
A

A RBAC model allows users membership in multiple groups.

9
Q
Which of the following is the best choice for a role within an organization using a RBAC model?
A

Programmer.

10
Q
Which of the following best describes a rule-based access control model?
A

It uses global rules applied to all users equally.
