IS3340 CHAPTER 2 Flashcards
The process of providing and denying access to objects is called ___?
ACCESS CONTROL
Shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation is called ___?
ACTIVE DIRECTORY
The collection of all possible vulnerabilities that could provide unauthorized access to computer resources; all of the software a computer runs that is vulnerable to attack is called ___?
ATTACK SURFACE
Proving that provided identity credentials are valid and correct is called ?
AUTHENTICATION
Granting and/or denying access to resources based on the authenticated user is called ___?
AUTHORIZATION
A level of sensitivity assigned to an object by its owner. An example object could be assigned as top secret, secret, confidential, restricted, or unclassified and is called ___?
CLASSIFICATION
A security level assigned to subjects, authorizing them to access objects with an equal or lower classification. These levels include top secret, secret, and confidential and is called ___?
CLEARANCE
Any mechanism or action that prevents, detects, or addresses an attack is called ___?
CONTROL
An access control method based on an object’s owner and permissions granted by the owner is called ___?
DISCRETIONARY ACCESS CONTROL (DAC)
To take advantage of a specific vulnerability is called ___?
EXPLOIT
Software layer in the operating system kernel that provides the actual access to physical hardware is called ___?
HARDWARE ABSTRACTION LAYER(HAL)
Providing credentials that claim a specific identity, such as a user name is called ___?
IDENTIFICATION
The core part of an operating system that provides the essential services of the operating system is called ___?
KERNEL
An attack in which the attacker is located between a client and a server and intercepts traffic flowing back and forth between the two computers. The attacker can view or modify data that is transmitted in the clear. This is called ___?
Man in the middle Attack
The portion of an operating system’s kernel that resides exclusively in memory is called ___?
MICROKERNEL
Authentication process that requires multiple types of authentication credentials is called ___?
MULTI-FACTOR AUTHENTICATION
A resource to which access is controlled is called ___?
OBJECT