logo image

Testout Practice Questions (2.3.4 – 4.10.3)

eut
thx
Which of the follow information is typically not included in an access token?
Group membership
User security identifier
User rights
*User account password*
Marcus White has just been promoted to a manger. To give him access to the files that needs, you make his user account a member of the Managers group which has access to a special shared folder.

Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Managers group. What should you do?

Manually refresh Group Policy settings on his computer
” ” on the file server
*Have Marcus log off and log back on*
Add his user account to the ACL for the shared folder
Which of the following terms describes the component that is generated following authentication and which is used to gain access to resources following logon?
Cookie
*Access token*
Account policy
Proxy
Which security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects have access to certain objects and the level or type of access allowed?
Hashing
*User ACL*
Kerberos
Mandatory Access Control
Which type of media preparation is sufficient for media that will be reused in a different security context within your organization?
*Sanitization*
Formatting
Deleting
Destruction
Which of the following is an example of privilege escalation?
Principle of least privileges
Mandatory vacations
*Creeping privileges*
Separation of duties
Which security principle prevents any one admin from having sufficient access to compromise the security of the overall IT solution?
Need to know
*Separation of Duties*
Principle of least privilege
Dual admin accounts
By assigning access permissions so that users can only access those resources which are req to accomplish their specific work tasks, you would be in compliance with?
Need to know
*Principle of least privilege*
Cross training
Job rotation
An access control list contains a list of users and allowed permissions. What is it called if the ACL automatically prevents access to anyone *not* on the list?
Implicit allow
Explicit allow
Explicit deny
*Implicit deny*
You want to make sure that any reimbursement checks issued by your company cannot be issued by a single person. Which principle should you implement to accomplish this goal?
Job rotation
Mandatory vacations
Least privilege
Implicit deny
*Separation of duties*
You are concerned that the accountant in your organization might have the chance to modify the books and steal from the company. You want to periodically have another person take over all accounting responsibilities to catch any irregularities.
Which solution should you implement?
Need to know
Separation of duties
Least privilege
*Job rotation*
Explicit deny
You want to implement an ACL where only the users you specifically authorize have access to the resources. Anyone not on the list should be prevented from having access.
Which of the following will the access list use?
Implicit allow, explicit deny
*Explicit allow, implicit deny*
Implicit allow, implicit deny
Explicit allow, explicit deny
Which of the following principles is implemented in a mandatory access control model to determine access to an object using classification levels?
Ownership
Separation of duties
*Need to know*
Least privilege
Clearance
What is the primary purpose of separation of duties?
*Prevents conflicts of interest*
Grant a greater range of control to senior management
Increase the difficulty in performing administration
Inform managers that they are not trusted
Separation of duties is an example of which type of access control?
*Preventative*
Compensative
Corrective
Detective
Need to know is req to access which types of resources?
Resources with unique ownership
*Compartmentalized resources*
Low-security resources
High-security resources
Which of the following is an example of a decentralized privilege management solution?
TACACS+
*Workgroup*
Active Directory
Radius
Match the Active Directory component on the left w/ the appropriate description on the right.
Holds a copy.. *Domain Controller*
Manages access for a workstation.. *Computer Object*
Manages access for an employee.. *User Object*
Can be created.. *Organizational Unit*
Cannot be move.. *Generic Container*
Defines a collection.. *Domain*

Need essay sample on "Testout Practice Questions (2.3.4 – 4.10.3)"? We will write a custom essay sample specifically for you for only $ 13.90/page

Can’t wait to take that assignment burden offyour shoulders?

Let us know what it is and we will show you how it can be done!
×
Sorry, but copying text is forbidden on this website. If you need this or any other sample, please register

Already on Businessays? Login here

No, thanks. I prefer suffering on my own
Sorry, but copying text is forbidden on this website. If you need this or any other sample register now and get a free access to all papers, carefully proofread and edited by our experts.
Sign in / Sign up
No, thanks. I prefer suffering on my own
Not quite the topic you need?
We would be happy to write it
Join and witness the magic
Service Open At All Times
|
Complete Buyer Protection
|
Plagiarism-Free Writing

Emily from Businessays

Hi there, would you like to get such a paper? How about receiving a customized one? Check it out https://goo.gl/chNgQy

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy