IS3340 CHAPTER 2 Flashcards

1
Q

The process of providing and denying access to objects is called ___?

A

ACCESS CONTROL

2
Q

Shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation is called ___?

A

ACTIVE DIRECTORY

3
Q

The collection of all possible vulnerabilities that could provide unauthorized access to computer resources; all of the software a computer runs that is vulnerable to attack is called ___?

A

ATTACK SURFACE

4
Q

Proving that provided identity credentials are valid and correct is called ___?

A

AUTHENTICATION

5
Q

Granting and/or denying access to resources based on the authenticated user is called ___?

A

AUTHORIZATION

6
Q

A level of sensitivity assigned to an object by its owner. An example object could be assigned as top secret, secret, confidential, restricted, or unclassified and is called ___?

A

CLASSIFICATION

7
Q

A security level assigned to subjects, authorizing them to access objects with an equal or lower classification. These levels include top secret, secret, and confidential and is called ___?

A

CLEARANCE

8
Q

Any mechanism or action that prevents, detects, or addresses an attack is called ___?

A

CONTROL

9
Q

An access control method based on an object’s owner and permissions granted by the owner is called ___?

A

DISCRETIONARY ACCESS CONTROL (DAC)

10
Q

To take advantage of a specific vulnerability is called ___?

A

EXPLOIT

11
Q

Software layer in the operating system kernel that provides the actual access to physical hardware is called ___?

A

HARDWARE ABSTRACTION LAYER (HAL)

12
Q

Providing credentials that claim a specific identity, such as a user name is called ___?

A

IDENTIFICATION

13
Q

The core part of an operating system that provides the essential services of the operating system is called ___?

A

KERNEL

14
Q

An attack in which the attacker is located between a client and a server and intercepts traffic flowing back and forth between the two computers. The attacker can view or modify data that is transmitted in the clear. This is called ___?

A

Man in the middle Attack

15
Q

The portion of an operating system’s kernel that resides exclusively in memory is called ___?

A

MICROKERNEL

16
Q

Authentication process that requires multiple types of authentication credentials is called ___?

A

MULTI-FACTOR AUTHENTICATION

17
Q

A resource to which access is controlled is called ___?

A

OBJECT

18
Q

This defines what a user can do to a specific object, such as read or delete the object and is called ___?

A

PERMISSION

19
Q

User rights define tasks that a user is permitted to carry out, such as take ownership of objects or shut down the computer and is called ___?

A

RIGHT

20
Q

An access control method based on permissions defined by a role, e.g., manager, authorized user, guest, as opposed to an individual user, e.g., Michael Solomon. This is called ___?

A

ROLE BASED ACCESS CONTROL (RBAC)

21
Q

A unique identifier for each user and group in a Windows environment is called ___?

A

SECURITY IDENTIFIER (SID)

22
Q

An entity requesting access to an object is called ___?

A

SUBJECT

23
Q

The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. AKA kernel mode and is called ___?

A

SUPERVISOR MODE

24
Q

Authentication process that requires two separate types of authentication credentials is called ___?

A

TWO-FACTOR AUTHENTICATION

25
Q

Authentication based on information only a valid user knows, such as a password or PIN is called ___?

A

TYPE I AUTHENTICATION

26
Q

Authentication based on a physical object that contains identity information, such as a token, card, or other device is called ___?

A

TYPE II AUTHENTICATION

27
Q

Authentication based on a physical characteristic (biometric), such as a fingerprint, hand print, or retina characteristic is called ___?

A

TYPE III AUTHENTICATION

28
Q

Limited privilege for running programs that does not allow direct access to the computer’s physical hardware or certain kernel resources is called ___?

A

USER MODE

29
Q

Which of the following is NOT a goal of a secure environment?

  1. All required information is available to authorized users
  2. No information is available to unauthorized users
  3. All required information is available
  4. No classified information is available to unauthorized users

A

All required information is available

30
Q

Which term describes the central component of an operating system?

  1. Kernel
  2. Shell
  3. Hardware Abstraction Layer
  4. Executive

A

Kernel

31
Q

What are the two run modes for Windows programs?

  1. Supervisor mode and executive mode
  2. Kernel mode and supervisor mode
  3. User mode and executive mode
  4. Kernel mode and user mode

A

Kernel mode and user mode

32
Q

Which of the following Windows components resides in memory to provide the core operating system services?

  1. Kernel
  2. Microkernel
  3. Executive
  4. Hardware Abstraction Layer

A

Microkernel

33
Q

What is the name of the process which proves you are who you say you are?

  1. Identification
  2. Authorization
  3. Permission
  4. Authentication

A

Authentication

34
Q

Which type of authentication is a smart card?

  1. Type I
  2. Type II
  3. Type III
  4. Type IV

A

Type II

35
Q

Which access control method relates data classification to user clearance?

  1. MAC
  2. DAC
  3. RBAC
  4. LDAC

A

MAC

36
Q

What value uniquely identifies a user or group in Windows?

  1. UID
  2. SAT
  3. SID
  4. ACE

A

SID

37
Q

If the same user is created on three separate Windows computers, which value is the same on all three computers?

  1. SID
  2. User code
  3. Username
  4. SAT

A

Username

38
Q

Which Windows feature allows users and groups to be “shared” among machines?

  1. Domain control
  2. Workgroup
  3. SID
  4. Active Directory

A

Active Directory

39
Q

What defines the limit of how many computers share users and groups?

  1. SID
  2. GUID
  3. Domain
  4. Workgroup

A

Domain

40
Q

Which of the following best describes the term “attack surface”?

  1. All possible vulnerabilities in application software that could be exploited
  2. All possible vulnerabilities that could be exploited
  3. The most likely avenues of attack
  4. Known vulnerabilities that have not been patched

A

All possible vulnerabilities that could be exploited

41
Q

When possible, what is the best way to mitigate vulnerability in a specific service?

  1. Remove the service
  2. Disable the service
  3. Block access to the service
  4. Patch the service

A

Remove the service

42
Q

When monitoring a Windows system, with what do you compare current system performance to test for security compliance?

  1. The previous monitoring results
  2. A normal performance scan
  3. A stated baseline
  4. A defined security goal

A

A stated baseline

43
Q

Why should you immediately test your system for security compliance after making a configuration change?

  1. Configuration changes generally increase security
  2. Configuration changes generally decrease security
  3. Configuration changes may introduce new vulnerabilities
  4. Configuration changes may remove existing vulnerabilities

A

Configuration changes may introduce new vulnerabilities