Section 20 Access Control Flashcards

1
Q

Methods used to secure data and information by verifying a user has permissions to read, write, delete, or otherwise modify it.

A

Access Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The access control policy is determined by the owner.

A

Discrecretionary Access Control (DAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

An access control policy where the computer systems determines the access control for an object.

A

Mandatory Access Controls (MAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Label based access control that defines whether access should be granted or denied to objects by comparing the object label and the subject label.

A

Rule Based Access Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Utilizes complex mathematics to create sets of objects and subject to define how they interact.

A

Lattice Based Access Control (LBAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

An access model that is controlled by the system (like MAC) but utilizes a set of permissions instead of a single data label to define the permission level.

A

Role Based Access Control (RBAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

An access model that is dynamic and context aware using IF-THEN statements.

A

Attribute Based Access Control (ABAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Requires more than one person to conduct a sensitive task or operation.

A

Separation of Duties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Occurs when users are cycled through various jobs to learn the overall operations better, reduce their boredom, enhance their skill level, and most importantly, increase our security.

A

Job Rotation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Permissions assigned to a given user.

A

User Rights

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Collection of users based on common attributes (generally work roles).

A

Groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Program in Linux that is used to change the permissions or rights of a file or folder using a shorthand number system.

A

Chmod

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

4

A

R (READ)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

2

A

W (WRITE)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

1

A

X (EXECUTE)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Occurs when a user get additional permission overtime as they rotate through different positions or rules.

A

Privilege Creep

17
Q

Process where each user’s rights and permissions are revalidated to ensure they are correct.

A

User Access Recertificaiton

18
Q

Occurs when permissions are passed to a subfolder from the parent through inheritance.

A

Propagation

19
Q

Contain uppercase letters, lowercase letters, numbers, special characters, and at least 8 characters or more (preferably 14 or more).

A

Strong Passwords

20
Q

A security component in windows that keeps every user in standard user mode instead of acting like an admin user.

A

User Account Control (UAC)