Users & Security Flashcards

1
Q

Which of the following statements is considered to be a security best practice?

a. Manually restrict the permissions on all executables
b. Manually modify the user that owns the executables
c. Enable the Locked Down security option in the Management Portal
d. Disable the Private Apache Web Server

A

d. Disable the Private Apache Web Server

2
Q

Which of the following statements is true in a default instance of InterSystems IRIS with a Normal or a Locked Down initial security configuration?

a. Audit information is available in the IRISAUDIT database.
b. If auditing is enabled, the system will freeze automatically if the audit database encounters an error.
c. Database activity (such as inserts, updates, or deletes for a table) is automatically audited.
d. Auditing is disabled in a default instance with this initial security configuration.

A

a. Audit information is available in the IRISAUDIT database.

3
Q

You have been asked to configure an InterSystems IRIS Web Gateway to connect to your IRIS instances using mutual TLS encryption.
Which of the following statements is true about implementing the Web Gateway configuration described above?

a. The SSL libraries (libssl.so and libcrypto.so) in use by the IRIS Web Gateway must be compatible with the Web Server, and with those in use by the InterSystems IRIS superserver.
b. The InterSystems IRIS superserver must be configured to require TLS encryption.
c. In the InterSystems IRIS Web Gateway, the server’s connection security level must be changed to SSL/TLS, certificates and keys must be supplied, and the username/password removed.
d. The %Service_WebGateway service in InterSystems IRIS must allow encrypted connections.

A

a. The SSL libraries (libssl.so and libcrypto.so) in use by the IRIS Web Gateway must be compatible with the Web Server, and with those in use by the InterSystems IRIS superserver.

4
Q

When databases are encrypted, which namespace should also be encrypted?

a. EnsLib
b. %SYS
c. IRISLIB
d. IRISTEMP

A

d. IRISTEMP

5
Q

To gain Emergency Access to IRIS, which method of authentication is the only one supported?

a. Two-Factor Authentication
b. Primary Authentication
c. Single Sign-On (SSO)
d. Challenge Handshake Authentication
e. Instance Authentication

A

e. Instance Authentication

6
Q

Which of the following is a pre-defined IRIS account?

a. %SYS
b. _SYS
c. _SYSTEM
d. _%SYS

A

c. _SYSTEM

7
Q

IRIS allows you to specify requirements for user passwords by supplying a string of the form: X.Y[ANP]

X is the minimum and Y is the maximum length, A is Alphabetic, and N is Numeric. What does the P stand for?

a. Punctuation
b. Prefix
c. Parameter
d. Password

A

a. Punctuation

8
Q

Ideally, administrator passwords should be a random mixture of uppercase and lowercase alphabetic characters, numerals, and punctuation.

What does InterSystems strongly recommend as a minimum password length of such random characters?

a. 8
b. 10
c. 12
d. 16

A

c. 12

9
Q

What is the maximum value for the “invalid login limit” parameter?
(This parameter limits the number of invalid logins allowed before the user account is disabled.)

a. 16
b. 64
c. 128
d. 365

A

b. 64

However, a value of zero disables this parameter.

10
Q

In the Management Portal, what is the default time before an expired session is automatically logged out?

a. 5 seconds
b. 15 seconds
c. 30 seconds
d. 45 seconds

A

b. 15 seconds

11
Q

What is the default Session Timeout value for web applications?

a. 1 minute
b. 5 minutes
c. 10 minutes
d. 15 minutes

A

d. 15 minutes

12
Q

What are the 2 security modes for accessing the Management Portal?

a. Unauthenticated - no username/password required.
b. Unauthorised - no certificate required.
c. Authorised - certificate required.
d. Authenticated - username/password required.

A

a. Unauthenticated - no username/password required.

d. Authenticated - username/password required.

13
Q

How do you change your password in the Management Portal?

a. Navigate to User>Reset Password
b. Click on the Ensemble icon
c. Navigate to Config>Startup
d. Click your name in the Management Portal header.

A

d. Click your name in the Management Portal header.

14
Q

Which of the following are valid types of user for the Management Portal?

a. Security Manager (%Admin_Secure -> /csp/sys/sec)
b. Manager (%Admin_Manage -> /csp/sys/mgr)
c. Listener (%Admin_Listen -> /csp/sys/lsnr)
d. Operator (%Admin_Operate -> /csp/sys/op)
e. Studio (%Admin_Studio -> /csp/sys/std)
f. Explorer (%Development -> /csp/sys/exp)

A

a. Security Manager - View and edit list of users, roles, and other security tasks.

b. Manager - Change system configuration and define backup sets.

d. Operator - View system status pages and perform backups.

f. Explorer - View home page, view classes, routines, and globals, and use SQL pages, provided the user has access to the appropriate resources.
