Question 1

A file or resource owner has the ability to change the permissions on that file or resource.&#10;A)MAC&#10;B)DAC&#10;C)RBAC&#10;D)RBOC

Accepted Answer

DAC (Discretionary Access Control) allows the file or resource owner to control who has access and what level of access they have. This includes the ability to change permissions on the file or resource. MAC (Mandatory Access Control) uses a central authority to set access controls, RBAC (Role-Based Access Control) assigns permissions based on the user's role or job function, and RBOC is not a recognized access control model.

Question 2

Groups are used to&#10;A)Create a collection of users to simplify privilege management&#10;B)Circumvent an overly restrictive ACL ruleset&#10;C)Create a collection of programs simplifying ACL implementation&#10;D)Separate computers into logical groups that perform similar functions

Accepted Answer

Groups are used to create a collection of users who share similar permissions and access levels, which simplifies privilege management. This allows administrators to assign permissions to a group of users rather than assigning them one by one.

Question 3

Which of the following is the strongest password?&#10;A)swordfish&#10;B)Supercalifragilisticexpialidocious&#10;C)1Aw3u$iaIiWtww1s1a!&#10;D)P@$$w0rd

Accepted Answer

Password C is the strongest because it includes a combination of uppercase and lowercase letters, numbers, and special characters. It also has a random pattern, making it less susceptible to guessing or cracking through brute force methods.

Note: Password A (swordfish) and Password D (P@$$w0rd) are commonly used and easily guessed by attackers. Password B (Supercalifragilisticexpialidocious) is long, but lacks complexity and includes only uppercase letters.

Question 4

What is the use of &#34;securityadmin&#34; in Microsoft SQL Server an example of?&#10;A)DAC&#10;B)MAC&#10;C)Role-based access control&#10;D)Rule-based access control

Accepted Answer

"securityadmin" is a role-based access control in Microsoft SQL Server. This role allows the user to manage logins and their properties, including password policy enforcement, password expiration, and lockout. This role also enables the user to manage server-level security. "DAC" is Database Administration Command, "MAC" is Mandatory Access Control, and "rule-based access control" is not a concept implemented in Microsoft SQL Server.

Question 5

Management password policy should address all of the following except?&#10;A)Password reuse&#10;B)Password complexity rules&#10;C)Protection of passwords&#10;D)Password salting to ensure unique hash values

Accepted Answer

The management password policy should address password reuse, password complexity rules, and protection of passwords. However, password salting is a technical implementation detail and should not be included in the policy. It is the responsibility of the IT department to ensure password salting for secure storage and hashing of passwords.

Question 6

A network administrator wants to specify the number of days a password must be used before it can be changed again.What domain password policy will need to be configured?&#10;A)Enforce password history&#10;B)Maximum password age&#10;C)Minimum password age&#10;D)Minimum password length

Accepted Answer

The "Minimum password age" policy specifies the period that a password must be used before the user can change it. This is used to prevent users from changing passwords too frequently, often as a measure to stop users from cycling back to old, possibly compromised passwords.

Question 7

What environment does UNIX use?&#10;A)DAC&#10;B)MAC&#10;C)Role-based access control&#10;D)Rule-based access control

Accepted Answer

UNIX primarily uses Discretionary Access Control (DAC), where the owner of a file or resource has the discretion to set permissions for other users.

Question 8

Administrator,root,and superuser are accounts that have the power to do anything that can be done on a system.

Accepted Answer

Administrator, root, and superuser accounts have the ability to perform any task or change any setting on a system without any restrictions. They have complete access to all the files and directories on a system and hence, have the power to do anything that can be done on the system.

Question 9

Which of the following is the most effective password policy to enforce for system security?&#10;A)Setting password lengths to be 14 characters or more&#10;B)Setting the password history to be 20 or higher&#10;C)Setting a password expiration of 60 days&#10;D)Setting a minimum password age of 180 days or more

Accepted Answer

The answer of Which of the following is the most...

Question 10

The access control model that most closely resembles an organization's structure.&#10;A)MAC&#10;B)DAC&#10;C)RBAC&#10;D)RBOC

Accepted Answer

Role-Based Access Control (RBAC) is the access control model that most closely resembles an organization's structure. RBAC is based on roles that are defined within the organization such as manager, employee, or administrator, and access is granted based on these roles. This model is well-suited for organizations that have a hierarchical structure, as it allows for efficient and effective management of access rights. MAC (Mandatory Access Control) and DAC (Discretionary Access Control) are also access control models, but they are not as closely tied to the organization's structure as RBAC. RBOC is not a valid access control model.

Question 11

What is the process used to ensure that users have the correct rights to perform their jobs?&#10;A)Usage auditing&#10;B)Audit trails&#10;C)Privilege management&#10;D)Escalation auditing

Accepted Answer

The answer of What is the process used to ensure...

Question 12

What is the name of the process that controls access to information based on the sensitivity of that information and whether or not the user is operating at the appropriate sensitivity level and has the authority to access that information?

A)MAC
B)DAC
C)RBAC
D)RBOC

Accepted Answer

The answer of What is the name of the process...

Question 13

Minimum password age policy specifies the number of days a password may be used before it must be changed.

Accepted Answer

The answer of Minimum password age policy specifies the number...

Question 14

Your boss expressed concern about employees working on the network on weekends.She asks if there is something you can do to ensure that they do not have access.What would be the best way to accomplish this?

A)Publish a memo stating that employees will not be allowed to access the network on weekends.
B)Set time-of-day restrictions on employee accounts for the weekend.
C)Keep the building locked.
D)Set up closed-circuit TV cameras on employee workstations.

Accepted Answer

The answer of Your boss expressed concern about employees working...

Question 15

Which of the following is NOT an advantage of decentralized privilege management?&#10;A)It is highly flexible;changes can be made whenever they are needed.&#10;B)It does not require a dedicated set of personnel and resources.&#10;C)It reduces bureaucracy.&#10;D)Fewer people must be trained on tasks associated with privilege management.

Accepted Answer

The answer of Which of the following is NOT an...

Question 16

Which of the following is usually synonymous with a job or set of functions?&#10;A)Superuser&#10;B)Role&#10;C)Privilege&#10;D)Sign on

Accepted Answer

The answer of Which of the following is usually synonymous...

Question 17

Groups are assigned by location,not function.

Accepted Answer

The answer of Groups are assigned by location,not function....

Question 18

The lowest level of classified information,which is defined as information that would &#34;damage&#34; national security,is known as &#34;unclassified.&#34;

Accepted Answer

The answer of The lowest level of classified information,which is...

Question 19

A network administrator wants to be sure that when users change their passwords they do not reuse a previous password.What domain password policy will need to be configured?&#10;A)Enforce password history&#10;B)Maximum password age&#10;C)Minimum password age&#10;D)Minimum password length

Accepted Answer

The answer of A network administrator wants to be sure...

Question 20

Permissions are applied to users,not to groups.

Accepted Answer

The answer of Permissions are applied to users,not to groups....

Question 21

A user who can do anything on a system is known as a(n)________.

Accepted Answer

The answer of A user who can do anything on...

Question 22

Assigning permissions to a collection of users based on some common criteria is called ____________.

Accepted Answer

The answer of Assigning permissions to a collection of users...

Question 23

User account passwords can be set up to automatically expire.

Accepted Answer

The answer of User account passwords can be set up...

Question 24

Mandatory access control is the process of controlling access to information based on the sensitivity of that information,as well as whether or not the user is operating at the appropriate sensitivity level and has the authority to access that information.

Accepted Answer

The answer of Mandatory access control is the process of...

Question 25

_______________ control what the user is allowed to do with the objects on the system.

Accepted Answer

The answer of _______________ control what the user is allowed...

Question 26

_______________ tells the system how many passwords to remember and does not allow a user to reuse an old password.

Accepted Answer

The answer of _______________ tells the system how many passwords...

Question 27

Role-based access control is a method of managing access and privileges based on a set of predefined rules.

Accepted Answer

The answer of Role-based access control is a method of...

Question 28

A(n)_______________ is the unique alphanumeric identifier used by a user when logging into or accessing a system.

Accepted Answer

The answer of A(n)_______________ is the unique alphanumeric identifier used...

Question 29

What are the different methods of access management (MAC,DAC,RBAC)?

Accepted Answer

The answer of What are the different methods of access...

Question 30

What are the differences between user,group,and role management?

Accepted Answer

The answer of What are the differences between user,group,and role...

Question 31

_______________ is the process of restricting a user's ability to interact with the computer system.

Accepted Answer

The answer of _______________ is the process of restricting a...

Question 32

The process of restricting a user's ability to interact with the computer system is called __________.

Accepted Answer

The answer of The process of restricting a user's ability...

Question 33

Rights tend to be actions that deal with accessing the system itself,process control,and logging.

Accepted Answer

The answer of Rights tend to be actions that deal...

Question 34

What are password and domain password policies?

Accepted Answer

The answer of What are password and domain password policies?...

Question 35

_______________ encryption is a form of encryption that can be easily decrypted and is essentially the same as storing a plaintext version of the password.

Accepted Answer

The answer of _______________ encryption is a form of encryption...

Question 36

_______________ specifies the number of days a password may be used before it must be changed.

Accepted Answer

The answer of _______________ specifies the number of days a...

Question 37

Under privilege management,a(n)_______________ is a collection of users with some common criteria,such as a need for access to a particular dataset

Accepted Answer

The answer of Under privilege management,a(n)_______________ is a collection of...

Question 38

Windows operating systems use the concept of permissions AND rights to control access to files,folders,and information resources.

Accepted Answer

The answer of Windows operating systems use the concept of...

Question 39

Describe methods of account management (SSO,time of day,logical token,account expiration).

Accepted Answer

The answer of Describe methods of account management (SSO,time of...

Deck 22: Privilege Management