Chapter 8-10: Access Control, Securing Hosts, Data and Specialized Systems

Question 1

In which access control method does the owner of each controlled object decide who can access it and what permissions they have. It is common in Windows and Unix-like operating systems.

Answer 1

Discretionary Access Control (DAC)

Question 2

In which access control method do administrators assign security classifications, or labels, to each user and each resource. A user can only access a given resource if their labels are compatible.

Answer 2

Mandatory Access Control (MAC)

Question 3

In which access control method is access determined by a set of rules configured by administrators. These can be static or dynamic and may be triggered by other events.

Answer 3

Rule-based access control

Question 4

Which access control method is similar to MAC in that administrators define permissions, but instead of clearance levels, users are assigned to one or more roles?

Answer 4

Role-based access control (RBAC)

Question 5

Which access control mode applies security attributes to resources, users, and environments, then defines policies governing combinations of those attributes?

Answer 5

Attribute-based access control (ABAC)

Question 6

In DAC on Unix, what 3 numbers represent read, write and execute?

Answer 6

4 - Read
2 - Write
1 - Execute

Question 7

Which form of malware attaches malicious code to another file, which both can do direct damage and spread itself to other running programs

Answer 7

Virus

Question 8

Which form of virus can spread multiple ways and infect multiple types of files

Answer 8

Multipartite Viruses

Question 9

Which form of malware spreads itself by exploiting system vulnerabilities?

Answer 9

Worm

Question 10

Which form of malware is a compromised or malicious website designed to spread malware to its visitors? Some contain malicious scripts that exploit vulnerabilities in browsers or in plugins.

Answer 10

Drive-by-download

Question 11

Which form of malware is a more sophisticated two-stage attack which is related to the drive-by download but targets a specific group or category of users?

Answer 11

Watering hole

Question 12

Which payload is a hidden way into a system or application that bypasses standard authentication procedures?

Answer 12

Backdoor

Question 13

Which payload invisibly installs a remote access program an attacker can later use to access the computer?

Answer 13

Remote Access Trojan (RAT)

Question 14

Which payload is a more advanced form of backdoor which uses automated processes to establish and maintain remote control of an infected system?

Answer 14

Command and control

Question 15

Which technology allows centralized management of mobile device security settings, software updates, performance tracking and troubleshooting?

Answer 15

Mobile device management (MDM)

Question 16

Which mobile technology allows provisioning and access control for approved enterprise apps, whether commercial or developed in-house

Answer 16

Mobile application management (MAM)

Question 17

Which mobile technology delivers centrally hosted data and services to mobile devices, allowing device-specific formatting and security controls.

Answer 17

Mobile content management (MCM)

Question 18

Which mobile technology centrally manages identity and access management for mobile devices?

Answer 18

Mobile identity management (MIM)

Question 19

Which mobile technology is an evolution of MDM incorporating MAM, MCM, and MIM?

Answer 19

Enterprise mobility management (EMM)

Question 20

Which mobile technology is a further evolution of EMM that provides central management of all endpoints from a single platform?

Answer 20

Unified endpoint management (UEM)

Question 21

Which embedded system is an integrated circuit with a logical structure that can be reprogrammed after manufacture?

Answer 21

Field-Programmable gate array (FPGA)

Question 22

Which system is used to monitor and control industrial systems?

Answer 22

Industrial control systems (ICS) aka: process control systems (PCS)

Question 23

Which ICS is used to monitor state changes in large scale distribution systems

Answer 23

Supervisory Control and Data Acquisition (SCADA)

Question 24

Which ICS was designed to extend PCS in refineries and other industrial plants while remaining within the confines of a single operation?

Answer 24

Distributed Control System (DCS)

Question 25

Which storage technology gives external clients file-level access to storage, but not block-level?

Answer 25

Network Attached Storage (NAS)

Question 26

Which storage technology is an array of devices on the network. It is different than a NAS because its controlling hardware gives block-level access to network hosts and protects file systems from simultaneous access by multiple hosts.

Answer 26

Storage Area Network (SAN)

Question 27

Which mobile security technique enforces application permissions and prevents rogue applications from affecting the rest of the device.

Answer 27

Application Sandboxing

Question 28

Which mobile security technique goes beyond ordinary sand-boxing by creating encrypted containers for specific applications?

Answer 28

Containerization

Question 29

Referencing the file permissions below
drwxrwx—+ 2 accounting accounting 18 Jan 8 17:51
what time of access control is being employed here?

Answer 29

FACL

Question 30

Targeted attacks and advanced persistent threats cannot be prevented through anti-virus solutions alone. This solution provides centrally managed security solutions that protect endpoints such as servers, workstations, and mobile devices used to connect to enterprise networks. It can be used to prevent zero day exploits, attacks and data leakage on workstations .

Answer 30

Endpoint security/protection

Question 31

This is a hierarchical infrastructure that allows a network administrator in charge of Microsoft’s Active Directory to implement specific configurations for users and computers. It can also be used to define user, security and networking policies at the machine level.

Answer 31

Group Policy

Question 32

Regarding data ownership, who is the person in the organization with ultimate responsibility for keeping data safe and complying with applicable regulations

Answer 32

Data owner

Question 33

Regarding data ownership, who is a system administrator responsible for creating and enforcing the technical controls regarding access to data,
under the direction of its owner.

Answer 33

Data custodian

Question 34

Regarding data ownership, who is a person responsible for data management from a business and stakeholder perspective. They ensure that data quality meets business needs, that it has sufficient metadata to make it easy to use, and that it meets all regulatory
requirements.

Answer 34

Data steward

Question 35

Regarding Data Ownership under the GDPR, who is an executive who oversees the development, implementation, and enforcement of privacy
policies regarding personal data. Other regulatory frameworks might call the same role a privacy officer.

Answer 35

Data Protection Officer (DPO)

Question 36

What is is a framework of policies and technologies for ensuring that the right users (in an enterprise) have the appropriate access to technology resources. Also known as Identity management (IdM).

Answer 36

identity and access management (IAM)

Question 37

In mandatory access control, who controls access to resources?

Answer 37

Administrators

Question 38

data exfiltration, GPS tracking, and audio eavesdropping are all risks in connecting to what?

Answer 38

A malicious USB cable