Question 1

____ access controls remedy a circumstance or mitigate the damage caused during an incident.&#10;A) Corrective&#10;B) Detective&#10;C) Deterrent&#10;D) Preventive

Accepted Answer

Corrective access controls are implemented to fix or mitigate the harm that has already occurred, such as revoking access rights, restoring data from backups, or resetting compromised passwords. The other options are preventive (aimed at preventing incidents from happening), detective (used to detect incidents that have already happened), and deterrent (discouraging unauthorized actors from attempting an attack).

Question 2

____ reduces the chance of an individual violating information security by increasing the scrutiny on any one user.&#10;A) Need to know&#10;B) Least privilege&#10;C) Access control&#10;D) Separation of duties

Accepted Answer

Separation of duties is the principle of dividing tasks and permissions among different individuals to reduce the risk of malicious behavior or error. By separating duties, no one user has complete control over a process, which increases scrutiny and reduces the chance of an individual violating information security. Need to know, least privilege, and access control are also important principles of information security, but they do not necessarily increase scrutiny in the same way as separation of duties.

Question 3

____ use(s) a challenge-response system.&#10;A) Local authentication&#10;B) Biometrics&#10;C) Synchronous tokens&#10;D) Asynchronous tokens

Accepted Answer

Asynchronous tokens use a challenge-response system where the server sends a challenge to the user, and the user responds with a token-generated response.

Question 4

Some firewalls use authentication to give employees access to common resources.

Accepted Answer

Some firewalls can authenticate users based on credentials such as usernames and passwords, allowing employees to access shared resources within the network.

Question 5

____ access controls help the organization avoid an incident.&#10;A) Corrective&#10;B) Detective&#10;C) Deterrent&#10;D) Preventive

Accepted Answer

Preventive access controls are put in place to stop incidents from happening. These controls prevent unauthorized access to information or systems, reducing the risk of a security breach. By stopping a potential incident before it occurs, organizations can avoid the potential damage to their data, reputation, and business operations.

Question 6

For most information, the U.S.military uses a classification scheme with ____ as the uppermost tier.&#10;A) confidential&#10;B) secret&#10;C) top secret&#10;D) galactic top secret

Accepted Answer

The U.S. military uses a classification scheme with top secret as the uppermost tier, followed by secret and confidential. Galactic top secret is not a valid classification level.

Question 7

A simple scheme can allow an organization to protect sensitive information, such as marketing or research data, personnel data, customer data, and general internal communications classifies data.Which of the following categories would most likely be used for internal phone lists?

A) Public
B) For Official Use Only
C) Classified
D) Galatic Top Secret

Accepted Answer

Internal phone lists are not considered sensitive information, but they are still for official use only. Therefore, the category "For Official Use Only" would be the most appropriate option. The categories "Public", "Classified", and "Galactic Top Secret" are all too high of a classification for phone lists.

Question 8

Lattice-based access control is a variation of ____ access control.&#10;A) mandatory&#10;B) discretionary&#10;C) nondiscretionary&#10;D) classification

Accepted Answer

Lattice-based access control is a mandatory access control (MAC) mechanism, where security policies are defined by a lattice structure. In this system, the access decision is based on the clearance level of the user and the classification of the object being accessed. The user's clearance is usually granted by an administrator and is based on the user's job role or security clearance level. The system ensures that users can only access objects that are at their clearance level or lower in the lattice structure. This makes it a strong and secure access control mechanism for sensitive and high-security environments.

Question 9

Role-based access controls are a type of ____ access controls.&#10;A) mandatory&#10;B) nondiscretionary&#10;C) discretionary&#10;D) task-based

Accepted Answer

Role-based access controls are considered nondiscretionary because access to resources is based on the roles assigned to users within an organization, rather than being determined by the individual user (discretionary) or by a strict policy enforced by the system (mandatory).

Question 10

A PIN is an example of something you ____.&#10;A) know&#10;B) have&#10;C) are&#10;D) do

Accepted Answer

A PIN (Personal Identification Number) is an example of something you know, as it is a piece of information memorized and used for authentication.

Question 11

RADIUS works with Network Address Translation (NAT).

Accepted Answer

The answer of RADIUS works with Network Address Translation (NAT)....

Question 12

Physical attributes are an example of something you ____ that can be used to verify identity.&#10;A) know&#10;B) have&#10;C) are&#10;D) do

Accepted Answer

The answer of Physical attributes are an example of something...

Question 13

In ____, access to a specific set of information is dependent on the information's content.&#10;A) content-dependent&#10;B) rule-based&#10;C) role-based&#10;D) task-based

Accepted Answer

The answer of In ____, access to a specific set...

Question 14

IEEE 802.1x is one of the fastest growing standards being used in enterprise networks today.

Accepted Answer

The answer of IEEE 802.1x is one of the fastest...

Question 15

Access controls are defined only using technology.

Accepted Answer

The answer of Access controls are defined only using technology....

Question 16

____ authentication can enable employees who work remotely or who are traveling to access your internal servers.&#10;A) Client&#10;B) User&#10;C) Session&#10;D) Synchronous

Accepted Answer

The answer of ____ authentication can enable employees who work...

Question 17

In a lattice-based access control, the column of attributes associated with a particular object is referred to as a(n) ____.&#10;A) need-to-know&#10;B) access control list (ACL)&#10;C) classification scheme&#10;D) rule-based configuration

Accepted Answer

The answer of In a lattice-based access control, the column...

Question 18

____ authentication is most commonly set up as a form of auditing and occurs when a system records the activities of each user and writes details about each activity to a log file.&#10;A) Local&#10;B) Discretionary&#10;C) Centralized&#10;D) Decentralized

Accepted Answer

The answer of ____ authentication is most commonly set up...

Question 19

Most organizations do not need the detailed level of classification used by the military or federal agencies.

Accepted Answer

The answer of Most organizations do not need the detailed...

Question 20

____ is most frequently associated with data classification schemes.&#10;A) Need to know&#10;B) Least privilege&#10;C) Access control&#10;D) Separation of duties

Accepted Answer

The answer of ____ is most frequently associated with data...

Question 21

Client authentication or ____ authentication should be used when only a single user is coming from a single IP address.&#10;A) discretionary&#10;B) network&#10;C) user&#10;D) session

Accepted Answer

The answer of Client authentication or ____ authentication should be...

Question 22

____________________ is the act of confirming the identity of a potential user.

Accepted Answer

The answer of ____________________ is the act of confirming the...

Question 23

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;Documenting the activities of the authorized individual and systems.

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 24

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;This principle limits individuals' information access to what is required to perform their jobs.

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 25

With ____________________ authentication, the firewall enables the authenticated user to access the desired resources for a specific period of time.

Accepted Answer

The answer of With ____________________ authentication, the firewall enables the...

Question 26

Public-Key Infrastructure (PKI) must be used for ____ authentication.&#10;A) Kerberos&#10;B) 802.1x Wi-Fi&#10;C) RADIUS&#10;D) certificate-based

Accepted Answer

The answer of Public-Key Infrastructure (PKI) must be used for...

Question 27

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;Principle by which employees are provided access to the minimal amount of information for the least duration of time necessary to perform their duties

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 28

To configure client authentication, you need to set up one of two types of authentication systems: ____ and ____.&#10;A) standard sign-on and specific sign-on&#10;B) standard sign-on and single-sign on&#10;C) Kerberos and TACACS++&#10;D) Kerberos and RADIUS

Accepted Answer

The answer of To configure client authentication, you need to...

Question 29

The ____________________ password system, which is a feature of the Linux operating system that enables the secure storage of passwords, stores them in another file that has restricted access.

Accepted Answer

The answer of The ____________________ password system, which is a...

Question 30

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;Determined by a central authority in the organization.

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 31

Linux stores passwords in the ____ file in encrypted format.&#10;A) /etc/pass&#10;B) /root/passwd&#10;C) /etc/passwd&#10;D) /system/password

Accepted Answer

The answer of Linux stores passwords in the ____ file...

Question 32

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;Confirming the identity of the entity seeking access to a logical or physical area

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 33

____________________ IP address mappings work best because some TACACS+ systems use the source IP address to create the encryption key.

Accepted Answer

The answer of ____________________ IP address mappings work best because...

Question 34

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;Obtaining the identity of the entity requesting access to a logical or physical area.

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 35

In ____________________-based access controls, access is granted based on a set of rules specified by the central authority.

Accepted Answer

The answer of In ____________________-based access controls, access is granted...

Question 36

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;Determining which actions an entity can perform in that physical or logical area.

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 37

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;Implemented at the discretion of the data user.

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 38

You might have to use TACACS+ or ____ if your firewall doesn't support authentication.&#10;A) RADIUS&#10;B) Kerberos&#10;C) NAT&#10;D) digital certificates

Accepted Answer

The answer of You might have to use TACACS+ or...

Question 39

The ____ authentication server is also known as a Key Distribution Center (KDC).&#10;A) TACACS+&#10;B) Kerberos&#10;C) WEP&#10;D) RADIUS

Accepted Answer

The answer of The ____ authentication server is also known...

Question 40

Match each item with a statement below.&#10;a.authentication&#10;b.least privilege&#10;c.discretionary access controls&#10;d.authorization&#10;e.separation of duties&#10;f.identification&#10;g.need to know&#10;h.nondiscretionary access controls&#10;i.accountability&#10;This principle increases the security of information and other assets by requiring that more than one individual be responsible for a particular information asset, process, or task.

Accepted Answer

The answer of Match each item with a statement below.&#10;a.authentication&#10;b.least...

Question 41

What are the functions that can be used to classify access controls?

Accepted Answer

The answer of What are the functions that can be...

Question 42

What is a disadvantage of centralized authentication?

Accepted Answer

The answer of What is a disadvantage of centralized authentication?...

Question 43

What are discretionary access controls?

Accepted Answer

The answer of What are discretionary access controls?...

Question 44

Describe mandatory access control.

Accepted Answer

The answer of Describe mandatory access control....

Question 45

Describe security clearances.

Accepted Answer

The answer of Describe security clearances....

Question 46

Compare TACACS+ and RADIUS with regard to strength of security.

Accepted Answer

The answer of Compare TACACS+ and RADIUS with regard to...

Question 47

Describe the differences between local and centralized authentication.

Accepted Answer

The answer of Describe the differences between local and centralized...

Question 48

What are the general steps a firewall uses to authenticate users?

Accepted Answer

The answer of What are the general steps a firewall...

Question 49

What types of one-time passwords are available?

Accepted Answer

The answer of What types of one-time passwords are available?...

Question 50

What are the four processes encompassed by access control?

Accepted Answer

The answer of What are the four processes encompassed by...

Deck 3: Authenticating Users