Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

IS3230 ACCESS CONTROL, KEY INFRASTRUCTURE > IS3230 CHAPTER 8 > Flashcards

IS3230 CHAPTER 8 Flashcards

1
Q

In window-based systems, a value that specifies the rights that are allowed or denied in an access control entry (ACE) of an access control list (ACL) is called ___.

A

ACCESS MASK

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

This stores information about objects on the network and makes this information available for authorized systems administrators and users. It gives network users access to permitted resources anywhere on the network using a single sign-on process. Also provides system admin with an intuitive hierarchical view of the network and a single point of administration for all network objects is called ___.

A

ACTIVE DIRECTORY

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A collection of binary data stored in a relational database is called ___.

A

BINARY LARGE OBJECTS (BLOBs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Objects that inherit certain characteristics, such as access controls, from a parent object is called ___.

A

CHILD OBJECTS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The stored data may be in archival form on tape or optical disc, on a hard disk, or sitting in a system’s buffers is called ___.

A

DATA AT REST (DAR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Data as it travels from one place to another, such as over a network is called ___.

A

DATA IN MOTION (DIM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Rights that are given to a user by the owner of an object is called ___.

A

DELEGATED ACCESS RIGHTS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A DAC system where rights are assigned by the owner of the resource in question is called ___.

A

DISCRETIONARY ACCESS CONTROL LIST (DACL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Access rights that are actively given to a user by an object owner is called ___.

A

EXPLICITLY DELEGATED RIGHTS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The outermost boundary of an Active Directory service. This may contain several domains is called ___.

A

FOREST

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Rights that are inherited or otherwise passively assigned is called ___.

A

IMPLICITLY DELEGATED RIGHTS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A combination of hardware and software used to analyze network traffic passing through a single point on the network. It is designed to analyze traffic patterns to find suspicious activity is called ___.

A

INTRUSION DETECTION

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

An application layer protocol for querying and modifying directory services running under Transmission Control Protocol/Internet Protocol (TCP/IP)

A

LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL (LDAP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A patch to the Linux kernel and a set of administrative tools that attempt to enhance security is called ___.

A

LINUX INTRUSION DETECTION SYSTEM (LIDS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A service that provides information to all systems on a network is called ___.

A

NETWORK INFORMATION SERVICE (NIS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A logical structure that allows you to organize users, computers, and other objects into separate units for administrative purposes is called ___.

A

ORGANIZATIONAL UNIT (OU)

17
Q

An object from which other objects inherit various properties including access controls is called ___.

A

PARENT OBJECT

18
Q

Software that monitors network ports to detect a port scan attack. These attacks are usually the precursor to a more serious attack is called ___.

A

PORT SCAN DETECTOR

19
Q

A mechanism used to control the output of a specific process is called ___.

A

PROCESS CONTROL SYSTEM (PCS)

20
Q

A database that stores data in tables and provides for relationships between various data is called ___.

A

RELATIONAL DATABASE (RDB)

21
Q

The superuser in Linux and UNIX systems is called ___.

A

ROOT

22
Q

A security mechanism for isolating programs running in a shared environment is called ___.

A

SANDBOX

23
Q

A user with full rights on a system is called ___.

A

SUPER ADMINISTRATOR

24
Q

A command that allows an administrator to run processes as root without actually logging in under the root account in a Linux or UNIX system is called ___.

A

SUPER USER DO (SUDO)

25
Q

A system-created access control list that handles the information assurance aspect of access controls is called ___.

A

SYSTEM ACCESS CONTROL LIST (SACL)

26
Q

A multi-processing, multi-user family of operating systems originally developed by Bell Laboratories and most often used for servers is called ___.

A

UNIX

27
Q
  1. Data residing in a system’s buffers is considered data at rest.
    TRUE OR FALSE
A

TRUE

28
Q
  1. Data in motion is at higher risk than data at rest.

TRUE OR FALSE

A

FALSE

29
Q
  1. A(n) ___ is a list or collection of access control entities.
A

ACL

30
Q
  1. The three primary ACEs are access-denied, access-allowed, and ___.
A

System-audit

31
Q
  1. ___ in a database are an example of an application with internal access controls.
A

Binary large objects, or BLOBs

32
Q
  1. Which operating system(s) implements the most granular access controls?
  2. Linux
  3. UNIX
  4. Windows
  5. 1 and 2
A

Windows

33
Q
  1. In a Windows environment, what is an organizational unit?
  2. A logical structure for organizing users, groups, and computers
  3. A business unit
  4. A group of related data
  5. A logical structure for organizing firewall rules
A

A logical structure for organizing users, groups, and computers

34
Q
  1. A Window domain administrator has full control over all the computers in the domain.
    TRUE OR FALSE
A

TRUE

35
Q
  1. A Windows domain administrator is the top-level authority in a Windows environment.
    TRUE OR FALSE
A

FALSE

36
Q
  1. In which operating systems is rwxr-xr-x an example of rights notation?
A

UNIX and Linux

37
Q
  1. What does the sudo command in UNIX allow systems administrators to do?
  2. Log in as root
  3. Run any process as if they were logged in as another user
  4. Disable the root user
  5. Disable a user account
A

Run any process as if they were logged in as another user

38
Q
  1. The four rights on an NIS+ object are Read, Modify, Create, and ___.
A

Destroy

39
Q
  1. Why should an organization automate user creation? (Select two)
  2. To save time and effort for the IT staff
  3. To allow individuals to manage their own user accounts
  4. To accurately add, modify, or remove access rights
  5. To minimize the need for a full IT staff
A

To save time and effort for the IT staff

To accurately add, modify, or remove access rights

IS3230 ACCESS CONTROL, KEY INFRASTRUCTURE (15 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions