logo image

INSY 4312 Ch2

Which form of access of control enforces security based on user identities and allows individual users to define access controls over owned resources?
DAC (Discretionary Access Control)
Which type of access control enforces on assigning privileges based on security clearance and data sensitivity?
MAC (Mandatory Access Control)
In which form of access control environment is access controlled by rules rather than by identity?
MAC
You have implemented an access control method that allows only users who are managers to access specific data. Which type of access control model is used?
RBAC (Role Based Access Control)
You have a system that allows the owner of a file to identify users and their permissions to the file. Which type of access control model is implemented?
DAC
Which of the following is the term for the process of validating a subject’s identity?
Authentication
Which of the following is used for identification?
Username
A remote access user needs to gain access resources on the server. Which of the processes are performed by the remote access server to control access to resources?
Authentication and authorization
Which of the following defines an object as used in access control?
Data, applications, systems, networks, and physical space.
Which access control model manages rights and permissions based on job descriptions and responsibilities?
RBAC
Which is the star property of Bell-LaPadula?
No write down
A Clark-Wilson model is primarily based on?
Controlled intermediary access applications
The Brewer-Nash model designed primarily to prevent?
Conflicts of interest
DAC manages access to resources using what primary element or aspect?
Identity
What form of access control is based on job descriptions?
RBAC
Which of the following is the strongest form of multi-factor authentication?
A password, a biometric scan and a token device
Which of the following advantages can Single sign-on (SSO) provide?
Access to all authorized resources with a single instance of authentication.
The eliminations of multiple user accounts and passwords for an individual.
Which of the following is an example of two factor authentication?
A token device and a PIN
Which of the following is an examples of three factor authentication?
Token device, keystroke analysis, cognitive question
Which of the following are example of Type II authentication credentials?
Smart card, photo id
Which of the following terms is used to describe an event in which a person is denied access to a system when they should be allowed to enter?
False negative
Which of the following is a hardware device that contains identification info and which can be used to control building access or computer logon?
Smart card
Match the authentication factor types
Pin- something you know
Smart card- something you have
Password- something you know
Retina scan- something you are
Fingerprint scan- something you are
Hardware token- something you have
Username- something you know
Voice recognition- something you are
Wi-fi triangulation- somewhere you are
Typing behaviors- something you do
Which of the following defines the crossover rate for evaluating biometric systems?
The point where the number of false positive matches the number of false negative
Which of the following are examples of single sign on authentication solutions?
Kerberos
Sesame
Which of the following is stronger than any biometric authentication factor?
A two-factor authentication
A device which is synchronized to an authentication server uses which type of authentication?
Synchronous token
The mathematical algorithm used by HMAC-based One-time passwords (HOTP) relies on two types of info to generate a new password based on the previously generated password.
Shared secret
Counter
The mathematical algorithm used to generate time-based one-time passwords (TOTP) uses a shared secret and a counter to generate a unique, one time password. Which event causes the counter to increment?
The passage of time
Which of the following info is typically not included in an access token?
User account password
To give Marcus the access he need, you make his user account a member of the Managers group. Later, Marcus tells you that he is unable to access the files reserved for the managers group. What should you do?
Have Marcus log off and log back on
Which of the following terms describes the component that is generated following authentication and which is used to gain access to resources following logon?
Access token
Which security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects have access to certain objects and the level or type of access allowed?
User ACL
Which of the following is an example of decentralized privilege management solution?
Workgroup
Match the active directory component
Holds a copy of the Active Directory database – domain controller

Manages access for a workstation – computer object

Manages access for an employee – user object

Can be created to logically organize network resources – organizational unit

Cannot be moved, rename, or deleted – generic container

Defines a collection of network resources that share a common directory database – domain

Click on the object in the TESTOUTDEMO.com Active Directory domain that is used to manage desktop workstation access.
CORPW57
What should be done to a user account if the user goes on an extended vacation?
Disable the account
Tom’s user account has been locked because he entered too many incorrect passwords. Click the tab in the properties of the Tom user object you would use to unlock his account.
Account
Tom is transferred to the Tech Support department. You need to add Tom’s user account to the Support Group in the Active Directory domain. Click the tab in the properties of Tom user object you would use to accomplish this.
Member of
During account set up, you assigned a password to the new account. You know that for security reasons the system admin should not know any user’s password. Click on the option you would use in the New Object – User dialog to remedy this situation.
User must change password at next logon
Adding an employee. Currently, permission to network resources are assigned directly to Craig’s user object. Because the new employee needs exactly the same level of access, you decide to simply copy Craig’s Active Directory domain user object and rename it with the new employee’s name. Will this work?
No, permission are not copied when a user account is copied.
One of your users, Karen Scott, has recently remarried and is now Karen Jones. She has requested that her username be changed from kscott to kjones, but no other values change. Which of the following commands will accomplish this?
Usermod -l kjones kscott
You have performed an audit and have found active accounts for employees who no longer work for the company. You want to disable those accounts. What command will disable a user account?
Usermod -L joer
An employee named Bob Smith, with username bsmith, has left the company. Which of the following commands will deleted his user account along with his home directory?
-usedel bsmith;rm -rf/home/bsmith
-userdel -r bsmith
in the /etc/shadow file, which character in the password field indicated that a standard user account is locked?
! or !!
Which of the following utilities would you typically use to lock a user account?
-Usermod
-passwd
you suspect that the gshant user account is locked. Which command will show the status of the user account?
passwd -S gshant
you are the administrator for a small company. you need to add a new group of users, name sales, to the system. which command will accomplish this?
groupadd sales
due to a merger with another company, standardization is now being imposed throughout the company. As a result, the sales group must be renamed marketing.
groupmod -n marketing sales
you have a group names temp_sales on your system. the group is no longer needed, and you should remove the group.
groupdel temp_sales
what is the effect of the following command? chane -M 60 -W 10 jsmith
sets the password for jsmith to expire 60 days and gives a warning 10 days before it expires.
what change opion keeps a user from changing password every two weeks?
-m 33
which of file should you edit to limit the amount of concurrent logins for a specific user?
/etc/security/limits.conf
Within the /etc/security/limits.conf file, you notice the following entry: @guests hard maxlogins 3
limits the number of max logins from the guest group to three
You want to ensure that all users in the Development OU have a common set of network communication security setting applied.
create a GPO computer policy for the computers in the Development OU have a common set of network communication security setting applied.
Computer policies include a special category called user rights. Which action do they allow an admin to perform?
identify users who can perform maintenance tasks on computers in an OU
which statement is true regarding application of GPO settings?
If a setting is defined in the local group policy on the computer and not defined in the GPO linked to the OU, the setting will be applied.

Need essay sample on "INSY 4312 Ch2"? We will write a custom essay sample specifically for you for only $ 13.90/page

Can’t wait to take that assignment burden offyour shoulders?

Let us know what it is and we will show you how it can be done!
×
Sorry, but copying text is forbidden on this website. If you need this or any other sample, please register

Already on Businessays? Login here

No, thanks. I prefer suffering on my own
Sorry, but copying text is forbidden on this website. If you need this or any other sample register now and get a free access to all papers, carefully proofread and edited by our experts.
Sign in / Sign up
No, thanks. I prefer suffering on my own
Not quite the topic you need?
We would be happy to write it
Join and witness the magic
Service Open At All Times
|
Complete Buyer Protection
|
Plagiarism-Free Writing

Emily from Businessays

Hi there, would you like to get such a paper? How about receiving a customized one? Check it out https://goo.gl/chNgQy

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy