Identity and Access Management Flashcards
What is the primary goal of access control?
A. To encrypt all data.
B. To manage who has access to resources.
C. To monitor network activity.
D. To ensure high availability of systems.
B
Which of the following is an access control subject?
A. A file in a database.
B. A user attempting to access a resource.
C. An operating system’s memory.
D. A log file entry.
B
Which principle ensures only authorized users access specific resources?
A. Confidentiality.
B. Availability.
C. Least Privilege.
D. Accountability.
C
What are the three key objectives of access control?
A. Confidentiality, Integrity, Availability.
B. Identification, Authentication, Authorization.
C. Passwords, Tokens, Biometrics.
D. Encryption, Decryption, Storage.
A
Which of these is an example of a logical control?
A. Firewall.
B. Security guard.
C. CCTV system.
D. Key management policy.
A
Which type of control involves organizational policies and procedures?
A. Administrative.
B. Logical.
C. Physical.
D. Cryptographic.
A
Which control would best mitigate physical threats?
A. Firewall.
B. Security guard.
C. Password policy.
D. Encryption.
B
What is the focus of logical/technical controls?
A. Protecting physical assets.
B. Implementing hardware and software solutions.
C. Managing user behavior.
D. Enforcing administrative rules.
B
What is the first step in an access control process?
A. Authorization.
B. Authentication.
C. Identification.
D. Accountability.
C
What is required for multi-factor authentication?
A. Two or more types of authentication factors.
B. Biometric identification only.
C. A password and a security token.
D. A private and public key pair.
A
Which factor does a biometric authentication method fall under?
A. Something you have.
B. Something you are.
C. Something you know.
D. Something you share.
B
Which of the following ensures accountability in access control?
A. Role-based access.
B. Audit logs.
C. Strong encryption.
D. Centralized access management.
B
What is the key characteristic of discretionary access control (DAC)?
A. Access is based on the user’s role.
B. Users can grant access to resources they own.
C. Access is determined by attributes.
D. It is implemented by mandatory policies.
B
Which access control model uses security classifications like “Confidential”?
A. DAC.
B. MAC.
C. RBAC.
D. ABAC.
B
What does RBAC assign permissions based on?
A. Attributes of the user.
B. Security classifications.
C. Roles within an organization.
D. User preferences.
C
Which access control model uses attributes to determine access?
A. ABAC.
B. DAC.
C. MAC.
D. RBAC.
A
Which is an example of a one-time password (OTP)?
A. A memorized PIN.
B. A randomly generated code sent to a device.
C. A passphrase stored on a device.
D. A key stored in a hardware token.
B
What is a common defense against dictionary attacks?
A. Using complex passwords.
B. Biometric authentication.
C. Encrypting passwords.
D. Disabling account recovery.
A
What is a major drawback of using static passwords?
A. They are difficult to remember.
B. They can be reused and stolen.
C. They are incompatible with biometrics.
D. They require hardware tokens.
B
Which is a best practice for creating strong passwords?
A. Use at least 8 characters with a mix of upper/lowercase letters, numbers, and symbols.
B. Use your birthdate for easy recall.
C. Share the password with trusted users.
D. Only use numeric characters.
A
What is an example of a synchronous token?
A. A USB security key.
B. A time-based one-time password generator.
C. A magnetic swipe card.
D. A retina scan.
B
Which biometric method uses the unique patterns of an individual’s iris?
A. Retina scan.
B. Fingerprint scan.
C. Voice recognition.
D. Iris recognition.
D
What is a common disadvantage of biometric authentication?
A. Requires regular password changes.
B. Can be easily shared with others.
C. May raise privacy concerns.
D. Cannot be revoked once compromised.
C
What type of token uses physical characteristics for authentication?
A. Static token.
B. Biometric token.
C. Asynchronous token.
D. Time-based token.
B
Which access control system uses centralized authentication?
A. RADIUS.
B. Biometric control.
C. Decentralized system.
D. Local authentication.
A
What is a key feature of decentralized access control?
A. Centralized management of access rights.
B. Each system manages its own access rights.
C. Use of biometric-only authentication.
D. Dynamic token synchronization.
B
Which access control system uses encrypted protocols like PAP and CHAP?
A. TACACS+.
B. LDAP.
C. RADIUS.
D. OAuth.
C
What is the role of TACACS+ in access control?
A. To manage federated identities.
B. To provide token-based authentication.
C. To centralize access control for network devices.
D. To monitor biometric authentication logs.
C
Which protocol is commonly used in federated identity management?
A. SAML.
B. RADIUS.
C. TACACS.
D. SSH.
A
What is an advantage of SSO systems?
A. Reduces the risk of password reuse.
B. Provides hardware-based encryption.
C. Prevents all access control failures.
D. Requires less frequent password changes.
A
What is a potential drawback of Single Sign-On?
A. Requires biometric authentication for all systems.
B. A breach in one account compromises all linked accounts.
C. It cannot integrate with third-party services.
D. It eliminates centralized logging.
B
Which of the following is a federated identity standard?
A. OAuth.
B. X.509.
C. SAML.
D. DES.
C