Identity and Access Management

Question 1

Determines what users can do with contents based on his credentials.

Answer 1

Authentication

Question 2

Keep a historical record of what users do to shared resources.

Answer 2

Accounting

Question 3

Means that the organization trusts another entity simply because they are trusted by someone else.

Answer 3

Transitive Trust

Question 4

A system that involves the use of a common authentication system and credentials database that multiple entities use and share.

Answer 4

Federated system

Question 5

Which access control applies to highly secure environnments, where a user is granted access to a system or data based upon his security level ?

Answer 5

Mandatory Access Control (MAC)

Question 6

Which access control provides access based on which user has created or owns an object ?

Answer 6

Discretionary Access Control (DAC)

Question 7

Which access control uses predefined roles to define access ?

Answer 7

Role-Based Access Control

Question 8

Which access control grantes access based upon predefined rules that may apply to users or groups of users and also more advanced firewalls ?

Answer 8

Rule-Based Access Control

Question 9

____ typically are generated by tokens or mobile devices to facilitate multifactor authentication

Answer 9

OTPs

Question 10

Rate of errros from incorrectly rejecting authorized users :

Answer 10

FRR

Question 11

Rate of errors from incorrectly authenticating unauthorized users :

Answer 11

FAR

Question 12

Point of which the system must be tuned to reduce FRR and FAR :

Answer 12

Crossover error rate

Question 13

A storage chip to a stantard credit-card-sized plastic card creates a :

Answer 13

Smart Card

Question 14

Type of account that sits between a user account and an admin/root account :

Answer 14

Privileged Account

Question 15

Term used when users privileges are not reviwed on periodic basis and users move around within the organization retaining privileges even when they no longer need them

Answer 15

Privilege Creep

Question 16

Form of auditing that involves examining audit rails, such as logs and other documentation, to ensure accountability for actions any user performs.

Answer 16

Continuous Monitoring

Question 17

Microsoft Windows Active Directory is an example of a _____ accounts and credentials database.

Answer 17

Centralized

Question 18

Oldest non secure authentication protocol used to pass user names and passwords to a central authentication server.

Answer 18

PAP

Question 19

Authentication protocol that relies on challenge and response messages and hashed passwords, as do other modern protocols. Ensures that passwords or user credentials are never sent over the network in clear text.

Answer 19

CHAP

Question 20

Protocol that provides AAA services, uses ports 1812 and 1813

Answer 20

Radius

Question 21

Authentication protocol Ciso-designed encrypts all traffic between all connection points, most used on network devices.

Answer 21

TACACS+

Question 22

Default authentication protocol for Windows Domains, uses authentication tickets and timestamps to help prevent replay attacks.

Answer 22

Kerberos