Module 19: Access Control Flashcards

1
Q

Which component of AAA is used to determine which resources a user can access and which operations the user is allowed to perform?

auditing
authorization
authentication
accounting

A

authorization

2
Q

What is the biggest issue with local implementation of AAA?

Local implementation cannot provide secure authentication.
Local implementation supports only TACACS+ servers.
Local implementation does not scale well.
Local implementation supports only RADIUS servers.

A

Local implementation does not scale well.

3
Q

A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?

confidentiality
integrity
scalability
availability

A

availability

4
Q

What is an example of a privilege escalation attack?

A threat actor sends an email to an IT manager to request the root access.
A threat actor performs an access attack and gains the administrator password.
A port scanning attack finds that the FTP service is running on a server that allows anonymous access.
A DDoS attack is launched against a government server and causes the server to crash.

A

A threat actor performs an access attack and gains the administrator password.

5
Q

What is the principle of the least privilege access control model?

User access to data is based on object attributes.
Users control access to data they own.
Users are granted the strictest access control possible to data.
Users are granted rights on an as-needed approach.

A

Users are granted rights on an as-needed approach.

6
Q

A server log includes this entry: User student accessed host server ABC using Telnet yesterday for 10 minutes. What type of log entry is this?

accounting
authentication
authorization
accessing

A

Accounting keeps track of how network resources are used.

The who, what, where, when, and how of a user accessing a resource

7
Q

What are three access control security services? (Choose three.)

accounting
access
authentication
authorization
availability
repudiation

A

Accounting
Authentication
Authorization

8
Q

Which objective of secure communications is achieved by encrypting data?

authentication
availability
confidentiality
integrity

A

Confidentiality

9
Q

Which access control model allows users to control access to data as an owner of that data?

attribute-based access control
discretionary access control
nondiscretionary access control
mandatory access control

A

discretionary access control

10
Q

Which two protocols are used to provide server-based AAA authentication? (Choose two.)

802.1x
TACACS+
SNMP
SSH
RADIUS

A

TACACS+
RADIUS

11
Q

What three items are components of the CIA triad? (Choose three.)

availability
integrity
access
intervention
confidentiality
scalability

A

Confidentiality
Integrity
Availability
