quiz 9 Flashcards
DAC is an access control policy generally determined by the owner.
True—Discretionary access control (DAC) is an access control policy generally determined by the owner.
. Lattice-based access control is an example of role-based access control.
False—Lattice-based access control is an example of mandatory access control.
Least privilege is a concept that denies all traffic to a resource unless the user is specifically granted access to that resource.
False—Least privilege is when users are given only the amount of privileges needed to do their job. The concept that denies all traffic unless specifically granted is known as implicit deny.
Separation of duties is when more than one person is required to complete a task.
True—Separation of duties is employed so that one person will not have too much control; multiple people are needed to complete an operation or task.
One of the reasons to have job rotation implemented is to increase employee boredom.
False—Job rotation is implemented to reduce employee boredom and to increase user insight and enhance employee skill level.
Active Directory Users and Computers can be used to add organizational units to a domain.
True—Active Directory Users and Computers is used to add organizational units, users, groups, and policies.
Full control is a type of NTFS permission that might be enabled within an access control list.
True—Full control is one of the NTFS permissions you would find within an ACL, or access control lists.
To change permissions on a file in Linux, you would use the chmod commands.
True—Linux uses the chmod command to change permissions; a common number used is 755.
If a child folder is inheriting its permissions from a parent folder, it could be said that the parent is propagating those permissions to the child.
True—When the child folder or subfolder inherits permissions from a parent folder, that parent is propagating those permissions to the subfolder.
If you move a folder to a different location on the same volume, that folder will lose its permissions.
False—if you move a folder to a different location on the same volume, the folder retains its original permissions.
Which of the following should be included in a password to make it complex? (Select the three best answers.) A. Uppercase letters B. Numbers C. Special characters D. Function keys
A, B, and C. Uppercase letters, numbers, and special characters should all be included in a password to make it complex. You cannot use function keys (for example, F10) within a password.
Of the following, what are two good ways to protect the computer? (Select the two best answers.)
A. Verify that the guest account is disabled.
B. Rename and password protect the administrator account.
C. Delete the administrator account.
D. Remove password policies.
A and B. Verifying that the guest account, and any other unnecessary accounts, is disabled and renaming a password protecting the administrator account are good ways to protect the computer.
Maximum and minimum password age" is part of which of the following? A. Organizational unit B. Group policy editor C. Password policy D. Registry
C. The password policy includes lots of settings including Maximum and Minimum Password Age.
Which of the following keeps every user in a standard user mode instead of as an administrator, even if the user is a member of the administrators group? A. Password policy B. Administrator policy C. Vista access control D. User account control
D. User Account Control (UAC) is a component of Windows Server 2008, Windows Vista, and Windows 7 that keeps every user (besides the actual administrator account) in standard user mode.
Which of the following is the strongest password? A. |ocrian# B. Marqu1sD3S0d C. This1sV#ryS3cure D. Thisisverysecure
C. This1sV#ryS3cure incorporates case-sensitive letters, numbers, and special characters, and is 16-characters long. The other answers do not have the complexity of answer C.
