merkow_tb_10

merkow_tb_10 - CHAPTER 10: ACCESS CONTROL SYSTEMS AND...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
CHAPTER 10: ACCESS CONTROL SYSTEMS AND METHODOLOGY Multiple Choice: 1. A user’s offline identity includes name, initials, or e-mail address and makes up the ____________. A. Authentication credentials B. Identification credentials C. Information owner D. Access control list Answer: B Reference: Terms and Concepts Difficulty: moderate 2. Verification of one’s identification credential is done with the ____________. A. Authentication credentials B. Information owner C. Access control list D. Discretionary access control Answer: A Reference: Terms and Concepts Difficulty: moderate 3. The ____________ maintains overall responsibility for and makes the decisions about who uses the system. A. Authentication credentials B. Information owner C. Access control list D. Discretionary Answer: B Reference: Terms and Concepts Difficulty: moderate 4. The principle of ____________ says that the information owner is the one who decides who gets to access the system. A. ACL B. Least privilege C. DAC
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
D. RSS Answer: C Reference: Terms and Concepts Difficulty: moderate 5. With nondiscretionary access control in use, the system uses ____________ to determine who gains access to information A. Programs, MAC B. ACL, objects, information C. Objects, subjects, data D. Subjects, objects, labels Answer: D Reference: Mandatory Access Control Difficulty: difficult 6. The elements within the information system that are protected from use or access are defined as ____________. A. Subjects B. Objects C. Labels D. All of the above Answer: B Reference: Mandatory Access Control Difficulty: moderate 7. ____________ are the people or systems that are granted a clearance to access an object in an information system. A. Subjects B. Labels C. MAC D. RBAC Answer: A Reference: Mandatory Access Control Difficulty: moderate 8. ____________ is used to reduce time by grouping users with a common access need. A. ACLD B. DACS C. MACP D. RBAC
Background image of page 2
Answer: D Reference: Role-Based Access Control Difficulty: easy 9. The U.S. government classification label where the unauthorized disclosure of information may seriously damage national security is ____________. A.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 8

merkow_tb_10 - CHAPTER 10: ACCESS CONTROL SYSTEMS AND...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online