IS3340 CHAPTER 3 Flashcards

1
Q

An individual entry in a CACL is called ___?

A

ACCESS CONTROL ENTRY (ACE)

2
Q

The list of access permissions for an object is called ___?

A

ACCESS CONTROL LIST (ACL)

3
Q

Shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation is called ___?

A

ACTIVE DIRECTORY

4
Q

This is an access control approach that systematically nests individual user accounts in groups that make securing objects more general. It is an acronym for Accounts, Global groups, Universal groups, domain Local groups, and Permissions and is usually called ___?

A

AGULP

5
Q

The process of collecting performance information on what actions were taken and storing that information for later analysis is called ___?

A

AUDITING

6
Q

GUIDs used in the Windows registry to identify objects and record many of their attributes are called ___?

A

CLASS IDENTIFIERS (CLSIDs)

7
Q

An international set of standards for functionality and assurance of computer security. This supersedes the Orange Book as well as other standards and is called ___?

A

COMMON CRITERIA

8
Q

The list of access permissions for an object, based on access granted by the object’s owner is called ___?

A

DISCRETIONARY ACCESS CONTROL LIST (DACL)

9
Q

A server computer designated to handle Active Directory requests is called ___?

A

DOMAIN CONTROLLER

10
Q

Access permissions to an object calculated based on the requesting subject’s identification and group memberships are called ___?

A

EFFECTIVE PERMISSIONS

11
Q

Identification value that is unique across all environments to keep track of an object across many computers is called ___?

A

GLOBALLY UNIQUE ID (GUID)

12
Q

A set of named entities that define a group of users for the purposes of defining permissions that apply to multiple users is called ___?

A

GROUP

13
Q

A computer network authentication protocol which allows computers to communicate in a secure manner across an insecure network, and the default authentication protocol for Windows. This is called ___?

A

KERBEROS

14
Q

A computer designated to authenticate users and, upon authentication, issue Kerberos keys that will allow subjects to access objects is called ___?

A

KEY DISTRIBUTION CENTER (KDC)

15
Q

User accounts that are defined using the principle of least privilege are called ___?

A

LEAST PRIVILEGE USER ACCOUNTS (LUAs)

16
Q

Authentication protocol used in legacy Windows systems to support secure communication across an insecure network is called ___?

A

NETWORK TRANSLATION LAN MANAGER (NTLM)

17
Q

This was one of the early formal standards for computer security. The United States Department of Defense Trusted Computer System Evaluation Criteria (DOD-5200.28-STD) is commonly called ___.

A

ORANGE BOOK

18
Q

The practice of providing a user or process with only the necessary access required to carry out a task is called ___?

A

PRINCIPLE OF LEAST PRIVILEGE

19
Q

An encryption key that can be shared and does not need to be kept private is called ___?

A

PUBLIC KEY

20
Q

A document used by Windows to store all SIDs associated with a process is called ___?

A

SECURITY ACCESS TOKEN (SAT)

21
Q

Windows feature that prompts users for a confirmation before escalating to administrator privileges is called ___?

A

USER ACCOUNT CONTROL

22
Q

Which of the following best describes the principle of least privilege?

  - Providing the necessary access to carry out any task
  - Providing access to the least number of objects possible
  - Providing just the necessary access required to carry out a task
  - Providing access equivalent to the least populated security group

A

Providing just the necessary access required to carry out a task

23
Q

Which type of user account is designed using the principle of least privilege?

  - LUA
  - SID
  - GUID
  - KDC

A

LUA

24
Q

What structure does the Windows operating system use to store collections of permissions for objects?

  - ACE
  - DACL
  - GUID
  - CLSID

A

DACL

25
Q

If a regular user is a member of four groups, how many SIDs will be stored in the user’s SAT?

  - 1
  - 4
  - 5
  - 6

A

5

26
Q

Which of the following best describes UAC?

  - Prompts users before escalating to administrator privileges
  - Prevents processes from escalation to administrator privileges
  - Terminates programs that attempt to escalate to administrator privileges
  - Alerts users that attempts to escalate to administrator privileges have been automatically denied

A

Prompts users before escalating to administrator privileges

27
Q

Which protocol does the Windows operating system use by default to authenticate computers to exchange security information?

  - Kerberos
  - NTLM
  - SAML
  - TCP/IP

A

Kerberos

28
Q

When viewing an object’s DACL, which permission indicates that advanced permissions have been set?

  - Extended permissions
  - Advanced permissions
  - Special permissions
  - Level II permissions

A

Special permissions

29
Q

Which type of identifier was originally developed to identify ActiveX controls?

  - SID
  - PID
  - CLSID
  - GUID

A

GUID

30
Q

Which type of identifier is used to identify user groups?

  - SID
  - PID
  - CLSID
  - GUID

A

SID

31
Q
  1. If a user, user A
A

No, because group B denies read access to helloWorld.c

32
Q

Why should you carefully design an auditing strategy before turning auditing on?

  - Auditing incomplete information wastes analysis time
  - Auditing too much information causes excessive overhead
  - Ad-hoc auditing rarely provides useful information
  - Audit log files only retain limited information without extensive configuration

A

Auditing too much information causes excessive overhead

33
Q

Which of the following guidelines tends to provide the most useful auditing information?

  - Always audit event successes and failures
  - Never audit both event successes and failures
  - Generally audit event failures
  - Do not audit event failures unless you first audit event successes

A

Generally audit event failures

34
Q

What tool is most commonly used to view and search audit logs?

  - Windows Event Viewer
  - Windows Log Viewer
  - Windows Audit Viewer
  - Windows ACL Viewer

A

Windows Event Viewer

35
Q

Which of the following Windows tools replaces previous legacy tools and allows ACL modifications?

  - Cacls
  - Xcacls
  - iCacls
  - SubInACL

A

iCacls

36
Q

When using AGULP, for which entity type are local object permissions defined?

  - User accounts
  - Global groups
  - Universal groups
  - Domain local groups

A

Domain local groups