Domain 3

Question 1

What are the access control categories?

Answer 1

administrative controls, technical controls, physical controls

Question 2

What are the access control types?

Answer 2

Preventative, Detective, corrective, recovery, deterrent, compensating.

Question 3

What access control type(s) would a fence be?

Answer 3

Deterrent, preventative

Question 4

What access control type(s) would a gate be?

Answer 4

Deterrent, preventative

Question 5

What access control type(s) would bollards be?

Answer 5

preventative

Question 6

What access control type(s) would lights be?

Answer 6

detective, deterrent

Question 7

What access control type(s) would CCTV be?

Answer 7

detective , deterrent

Question 8

What access control type(s) would a lock be?

Answer 8

preventative

Question 9

What access control type(s) would a turnstile be?

Answer 9

preventative, deterrent

Question 10

What access control type(s) would a contraband check be?

Answer 10

preventative, detective, deterrent

Question 11

What access control type(s) would motion detectors be?

Answer 11

detective, deterrence

Question 12

What access control type(s) would a guard be?

Answer 12

deterrent, detective, preventative, compensating

Question 13

What access control type(s) would a dog be?

Answer 13

deterrent, detective, compensating

Question 14

What are two examples of administrative controls?

Answer 14

Organisational policies and procedures

Question 15

What are three examples of logical / technical controls?

Answer 15

Hardware/ software/ firmware, firewalls, routers, encryptions, biometric authentication

Question 16

what are three examples of physical controls?

Answer 16

Locks, fences, guards, dogs, gates, bollards

Question 17

What is FIDM

Answer 17

Federated identity management is having a common set of policies, practices and protocols in plance ot manage the identuty and trust into IT users and devices across organisations.

Question 18

What is SSO

Answer 18

single sign on is a subset of federated identity management where users use a single sign on for multiple systems.

Question 19

What does MAC stand for?

Answer 19

Mandatory Access Control

Question 20

When is MAC used?

Answer 20

MAC is used when confidentiality is most important

access to an object is determined by labels and clearance.

Question 21

What does RBAC stand for?

Answer 21

Role based access control

Question 22

When is RBAC used?

Answer 22

role based access control is used when integrity is most important

Question 23

What does ABAC stand for?

Answer 23

Attribute based access control

access to objects is granted based on subjects, objects and environmental conditions.
attributes could be:
- subject (user)
- object (resource)
- environment (special jobs assigned to normally restricted areas, local time)

Question 24

What does DAC stand for?

Answer 24

Discretionary access control

Question 25

When is DAC used?

Answer 25

Discretionary access control is used when availability is most important access to an object is assigned at the discretion of the object owner.

Question 26

Which type of access control model would we use if confidentiality was the MOST important factor to us? DAC, RBAC, MAC, RUBAC

Answer 26

MAC MAC (Mandatory Access Control): Often used when Confidentiality is most important. Access to an object is determined by labels and clearance, this is often used in the military or in organizations where confidentiality is very important.

Question 27

Implementing our access control model, you are asked, "In which type of access management would you use access lists?" What do you answer? DAC, RBAC, MAC, RAC

Answer 27

DAC DAC (Discretionary Access Control): Often used when Availability is most important. Uses DACLs (Discretionary access lists), based on user identity. Access to an object is assigned at the discretion of the object owner. The owner can add, remove rights, commonly used by most OS'.