Week 7

Question 1

__________ controls access of a user to information through their role or job.

Answer 1

Role-based access control (RBAC)

Question 2

What are the 3 primary entities in RBAC?

Answer 2

users
roles
permissions

Question 3

In RBAC, _____ are assigned to ____ which are assigned permissions.

Answer 3

users

roles

Question 4

In RBAC, roles are assigned in a ______ for role inheritance.

Answer 4

hierarchy

Question 5

______ eliminates the need to assign permissions directly to users.

Answer 5

RBAC

Question 6

What are the disadvantages in RBAC?

Answer 6

Users may have more permissions than needed.
Users may not have the ability to do one-time operations.
Roles assignment may not be properly changed.

Question 7

In _________ the access rights are based on the values associated with the subject, object and environment.

Answer 7

Attribute-based access control (ABAC)

Question 8

______ are characteristics associated with an entity.

A. Identity
B. Associations
C. Attributes
D. Objects

Answer 8

C. Attributes

Question 9

In ABAC the permissions are _____ and they have to be computed.

Answer 9

dynamic

Question 10

ABAC uses a neutral XML-based language called _______.

A. NXML
B. XACML
C. ABXML
D. None of the above

Answer 10

B. XACML

Question 11

A ______ is the topmost level of the XACML language and consists of one or more _____ elements.

Answer 11

PolicySet

Policy

Question 12

in ABAC a policy contains one or more _______.

A. Rules
B. Attributes
C. Subjects
D. Objects

Answer 12

A. Rules

Question 13

A _____ defines the scope for the PolicySet. It defines the set of resources for which the PolicySet applies.

Answer 13

Target

Question 14

The ____ contains a target and a set of one or more rules.

Answer 14

Policy

Question 15

A _____ contains a target and an effect and condition component.

Answer 15

Rule

Question 16

A PolicySet contains 3 components. What are they?

Answer 16

Policy
Target
Rules

Question 17

In the XACML data flow, the _______ is the core of the access decision engine as it performs key operations, including evaluating policies and encoding the access decision response.

Answer 17

Policy Decision Point (PDP)

Question 18

In XACML, the ______ writes policies and policy sets to make them available to the Policy Decision Point.

Answer 18

Policy Administration Point (PAP)

Question 19

In XACML, access requests are sent to the ______.

A. Policy Administration Point
B. Policy Enforcement Point
C. Policy Information Point
D. Policy Decision Point

Answer 19

B. Policy Enforcement Point (PEP)

Question 20

The ____ evaluates applicable policies and returns the authorization decision to the ______, which sends to the _____ for enforcement of the decision.

Answer 20

PDP
Context Handler
PEP