Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CISSP FlashCards > Week 09 > Flashcards

Week 09 Flashcards

1
Q

What is Identity and Access Management (IAM)?

A

IAM is a framework that ensures the right individuals access the right resources at the right times for the right reasons, involving identification, authentication, authorization, and accountability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

T/F: In IAM, the “Subject” is the passive entity containing information, while the “Object” is the entity requesting access.

A

False. The Subject is the entity requesting access, and the Object is the passive entity containing information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following is NOT a type of biometric authentication?
A) Fingerprint
B) Iris scan
C) Password
D) Voice recognition

A

C) Password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Fill in the Blank
Q: The three general factors used for authentication are:

Something a person __________ (knowledge factor).
Something a person __________ (possession factor).
Something a person __________ (inherent factor).

A

knows, has, is

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is Single Sign-On (SSO)?

A

SSO allows a user to authenticate once and access multiple applications or systems without re-authenticating each time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Multi-Factor Authentication (MFA) is more secure than Single-Factor Authentication (SFA) because it requires multiple types of credentials.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which access control model grants or denies access based on user roles and responsibilities?
A) Discretionary Access Control (DAC)
B) Role-Based Access Control (RBAC)
C) Mandatory Access Control (MAC)
D) Attribute-Based Access Control (ABAC)

A

B) Role-Based Access Control (RBAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The principle of __________ ensures that users only have the minimum level of access necessary to perform their job.

A

Least Privilege

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the Crossover Error Rate (CER) in biometric systems?

A

CER is the point at which the False Acceptance Rate (FAR) equals the False Rejection Rate (FRR), used as a measure of biometric system accuracy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A race condition occurs when two processes access the same resource sequentially, ensuring proper authorization and authentication.

A

False. A race condition occurs when two processes access the same resource concurrently, potentially leading to security flaws.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following is a component of the CIA triad in security principles?
A) Confidentiality
B) Integrity
C) Availability
D) All of the above

A

D) All of the above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

__________ is the process of ensuring that users are held responsible for their actions within a system, typically through auditing and logging.

A

Accountability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CISSP FlashCards (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions