Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
18 Cards in this Set
- Front
- Back
What does RBAC an alternative for?
|
1. RBAC – is an altenative to all or nothing super user model
|
|
2. Rbac uses the security of _______ privledge.
|
2. Rbac uses the security of least privledge—only access you have is only related to your job
|
|
What does RBAC do?
|
3. Rbac makes it possible for a company to separate super users capabalities and assign the capabilities to specific users or to special user accts called roles
|
|
TRUE or FALSE
4. Roles can be assigned to specific persons, according to job needs |
True
|
|
What is the rights profile, what does it contain.
|
it lists the rights to run specific commands and apps with escalated priviledges Solaris
|
|
What are authorizations?
|
7. An authorization grants access to restricted functions and rbac compliant apps.
|
|
TRUE or FALSE
6. Roles can be assigned authorizations: |
TRUE
|
|
What is a function?
|
A function is like a command or a run command: only can run if ya authorized
|
|
Lipst the Four files that you need to know
|
/etc/user_attr
/etc/security/prof_attr /etc/security/policy.conf /etc/security/exec_attr |
|
8. Rbac compliant apps are linked to ___________ is used so rbac can check privledges
|
8. Rbac compliant apps are linked to libsecdv (it’s a database) is used so rbac can ck privledges
|
|
What does the /etc/user_attr file contain?
|
The /etc/user_attr file lists the rights profiles and authorizations associated with users and roles.
|
|
What is a role.
|
A role is a special identity, similar to a user account, for running privileged applications or commands that can be assumed by assigned users only.
|
|
TRUE or FALSE
It is possible to log on as role. |
FALSE
It’s not possible to log on as role |
|
what command do you use to log in to a role?
|
A role can only be used by switching the user to the role with the su command.
|
|
How do you find the rights assigned to a user.
|
The rights profiles assigned to a user can be listed with the “profiles” command or through the Solaris Management Console
|
|
What command can be used to assign rights profiles
|
Rights profiles can be assigned to a user account with the usermod command or the Solaris Management Console (SMC).
|
|
The roleadd command creates a role entry in which files?
|
The roleadd command creates a role entry in the /etc/passwd, /etc/shadow, and /etc/user_attr files.
|
|
List three profile shells.
|
Profile shells: pfsh, pfcsh, pfksh
|