50 Cards in this Set

Which of the following access control methods gives the owner control over providing permissions?
a. Role-Based Access Control (RBAC)
b. Rule-Based Access Control (RBAC)
c. Mandatory Access Control (MAC)
d. Discretionary Access Control (DAC)
d. Discretionary Access Control (DAC)
Which of the following access control methods grants permissions based on the user's position in the company?
a. Mandatory Access Control (MAC)
b. Rule-Based Access Control (RBAC)
c. Discretionary Access Control (DAC)
d. Role-Based Access Control (RBAC)
d. Role-Based Access Control (RBAC)
Which of the following access control methods includes switching work assignments at preset intervals?
a. Job rotation
b. Mandatory vacations
c. Least privilege
d. Separation of duties
a. Job rotation
Which of the following is an example of security personnel who administer access control functions but do not administer audit functions?
a. Access enforcement
b. Separation of duties
c. Least privilege
d. Account management
b. Separation of duties
Which of the following principles should be applied when assigning permissions?
a. Most privilege
b. Least privilege
c. Rule based
d. Role based
b. Least privilege
User A is a member of the payroll security group. Each member of the group should have read/write permissions to a share. User A was trying to update a file on the share but was denied access. Which of the following would explain why User A could not access the file?
a. Privilege escalation
b. Rights are not set correctly
c. Least privilege
d. Read only access
b. Rights are not set correctly
Which of the following should a technician review when a user is moved from one department to another?
a. User access and rights
b. Data storage and retention policies
c. User's group policy
d. Acceptable usage policy
a. User access and rights
A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on during non-working days. Which of the following should the technician implement to meet management's request?
a. Enforce Kerberos
b. Deploy smart cards
c. Time of day restrictions
d. Access control lists
c. Time of day restrictions
Which of the following statements BEST describes the implicit deny concept?
a. Blocks everything and only allows privileges based on job description
b. Blocks everything and only allows explicitly granted permissions
c. Blocks everything and only allows the minimal required privileges
d. Blocks everything and allows the maximum level of permissions
b. Blocks everything and only allows explicitly granted permissions
Which of the following creates a security buffer zone between two rooms?
a. Mantrap
b. DMZ
c. Turnstile
d. Anti-pass back
a. Mantrap
While reviewing the system logs, a technician finds that a user had attempted to log onto the network over 250 times. Which of the following types of attacks is MOST likely occurring?
a. Brute force
b. Phishing
c. Spamming
d. DNS spoofing
a. Brute force
A user was trying to update an open file but was denied access when they tried to open it. Which of the following would explain why the user could not access the file?
a. Audit only access
b. Execute only access
c. Rights are not set correctly
d. Write only access
c. Rights are not set correctly
Which of the following would allow an administrator to find weak passwords on the network?
a. A network mapper
b. A hash function
c. A password generator
d. A rainbow table
d. A rainbow table
A company uses a policy of assigning passwords to users; by default the passwords are based on the word $ervicexx, where xx is the last two digits of the user's cell phone number. The users are not required to change this password. Which of the following is this an example of?
a. Default accounts
b. Known plain text
c. Back door
d. Weak passwords
d. Weak passwords
An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?
a. Run a last logon script to look for inactive accounts.
b. Implement an account expiration date for temporary employees.
c. Implement a password expiration policy.
d. Implement time of day restrictions for all temporary employees.
b. Implement an account expiration date for temporary employees.
A company decides that the purchasing agent and the accounts receivable agent should exchange positions in order to allow for more oversight of past transactions. Which of the following is this an example of?
a. Least privilege
b. Implicit deny
c. Separation of duties
d. Job rotation
d. Job rotation
A user complains that the color laser printer continuously gives an access denied message while attempting to print a text document. The administrator logs onto the PC and prints successfully. Which of the following should the administrator check FIRST?
a. That the printer has the correct size of paper in each of the trays
b. That the toner should be changed in the printer
c. That the user has sufficient rights to print to the printer
d. That the user is attempting to print to the correct printer tray
c. That the user has sufficient rights to print to the printer
Which of the following allows a technician to view the security permissions of a file?
a. The access control list
b. The security baseline
c. The data emanation
d. The local security template
a. The access control list
A user is denied access to a file. The user had access to the file yesterday. Which of the following is the FIRST action for the technician to take?
a. Deny the user's request and forward to the human resources department.
b. Reboot the system.
c. Verify that the user's permissions are correct.
d. Grant access to the file.
c. Verify that the user's permissions are correct.
A flat or simple role-based access control (RBAC) embodies which of the following principles?
a. Users assigned to roles, permissions are assigned to groups, controls applied to groups and permissions acquired by controls
b. Users assigned permissions, roles assigned to groups and users acquire additional permissions by being a member of a group
c. Roles applied to groups, users assigned to groups and users acquire permissions by being a member of the group
d. Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role
d. Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role
A number of unauthorized staff have been entering the data center by piggybacking on authorized staff. The CIO has mandated that this behavior stop. Which of the following is the BEST technology to install at the data center to prevent piggybacking?
a. Mantrap
b. Security badges
c. Hardware locks
d. Token access
a. Mantrap
Which of the following physical threats is prevented with mantraps?
a. Piggybacking
b. Social engineering
c. Dumpster diving
d. Shoulder surfing
a. Piggybacking
Which of the following would a password cracker help an administrator to find?
a. Weak passwords
b. Expired passwords
c. Locked passwords
d. Backdoor passwords
a. Weak passwords
Which of the following concepts requires users and system processes to be assigned minimum levels of permission to carry out the assigned task?
a. User authentication
b. Need-to-know
c. Least privilege
d. Job role
c. Least privilege
The data custodian in an organization is responsible for:
a. recoverability of the data.
b. classification of the data.
c. completeness of the data.
d. accuracy of the data
a. recoverability of the data.
Human Resources has requested that staff members be moved to different parts of the country into new positions. Which of the following is this an example of?
a. Implicit deny
b. Separation of duties
c. Least privilege
d. Job rotation
d. Job rotation
An administrator is asked to improve the physical security of a data center located inside the office building. The data center already maintains a physical access log and has a video surveillance system. Which of the following additional controls could be implemented?
a. Defense-in-depth
b. Logical token
c. ACL
d. Mantrap
d. Mantrap
Which of the following is the MOST efficient way that an administrator can restrict network access to certain ports enterprise wide?
a. HIDS
b. Personal software firewall
c. NIDS
d. ACL
d. ACL
Which of the following does the process of least privilege fall under?
a. Integrity
b. Non-repudiation
c. Confidentiality
d. Availability
c. Confidentiality
Which of the following will allow a technician to restrict a user's access to the GUI?
a. Access control lists
b. Group policy implementation
c. Use of logical tokens
d. Password policy enforcement
b. Group policy implementation
Which of the following is the MOST common logical access control method?
a. Access control lists
b. Usernames and passwords
c. Multifactor authentication
d. Security ID badges
b. Usernames and passwords
When designing a firewall policy, which of the following should be the default action?
a. Least privilege
b. Implicit allow
c. DMZ
d. Implicit deny
d. Implicit deny
Restricting access to files based on the identity of the user or group is an example of which of the following?
a. CRL
b. PKI
c. MAC
d. DAC
d. DAC
Restricting access to files based on the identity of the user or group and security classification of the information is an example of which of the following?
a. RBAC
b. DAC
c. NTFS
d. MAC
d. MAC
Which of the following would be a method of securing the web browser settings on all network workstations?
a. Internet content filter
b. Group policy
c. Control panel
d. P2P software
b. Group policy
Which of the following is the weakest password?
a. Indu5tr1als
b. F%r3Walke3r
c. C0mpt!a2**8
d. P^s5W0rd
a. Indu5tr1als
A manager needs to control employee overtime. Which of the following would BEST allow for the manager to control when the employees are on the network?
a. Access control list
b. User account expiration
c. Time of day restriction
d. Domain password policy
c. Time of day restriction
After a period of high employee turnover, which of the following should be implemented?
a. A review of NTLM hashes on the domain servers
b. A review of group policies
c. A review of user access and rights
d. A review of storage and retention policies
c. A review of user access and rights
Which of the following can be used to centrally manage security settings?
a. Cross-site scripting
b. Group policy
c. Service pack
d. NIDS
b. Group policy
Which of the following would BEST prevent night shift workers from logging in with IDs and passwords stolen from the day shift workers?
a. Account expiration
b. Time of day restriction
c. Account lockout
d. Domain password policy
b. Time of day restriction
Personal software firewalls can be updated automatically using:
a. group policy.
b. cookies.
c. cross-site scripting.
d. corporate hardware firewalls.
a. group policy.
All of the following are logical access control methods EXCEPT:
a. biometrics.
b. ACL.
c. software token.
d. group policy.
a. biometrics.
A technician is reviewing the system logs for a firewall and is told that there is an implicit deny within the ACL. Which of the following is an example of an implicit deny?
a. An ACL is a way to secure traffic from one network to another.
b. An implicit deny statement denies all traffic from one network to another.
c. Items which are not specifically given access are denied by default.
d. Each item is denied by default because of the implicit deny.
c. Items which are not specifically given access are denied by default.
Computer equipment has been stolen from a company's office. To prevent future thefts from occurring and to safeguard the company's trade secrets, which of the following should be implemented?
a. Video surveillance and access logs
b. ID badges and passwords
c. Multifactor authentication
d. Hardware locks and door access systems
d. Hardware locks and door access systems
According to industry best practices, administrators should institute a mandatory rotation of duties policy due to which of the following?
a. To detect outside attackers
b. To detect malware
c. To detect viruses
d. To detect an inside threat
d. To detect an inside threat
Network security administrators should implement which of the following to ensure system abuse by administrators does not go undetected in the logs?
a. Acceptable use policy
b. Separation of duties
c. Implicit deny
d. Least privilege
b. Separation of duties
An administrator wants to implement a procedure to control inbound and outbound traffic on a network segment. Which of the following would achieve this goal?
a. NIDS
b. HIDS
c. ACL
d. Proxy
c. ACL
Which of the following is the BEST security measure to use when implementing access control?
a. Password complexity requirements
b. Time of day restrictions
c. Changing default passwords
d. Disabling SSID broadcast
a. Password complexity requirements
When would it be appropriate to use time of day restrictions on an account?
a. In order to ensure false positives are not received during baseline testing
b. To ensure the DMZ is not overloaded during server maintenance
c. To eliminate attack attempts of the network during peak hours
d. As an added security measure if employees work set schedules
d. As an added security measure if employees work set schedules
Which of the following can reduce the risk associated with password guessing attacks? (Select TWO).
a. Implement single sign-on.
b. Implement shared passwords.
c. Implement account-lockout thresholds.
d. Implement shadow passwords.
e. Implement stronger password complexity policies.
c. Implement account-lockout thresholds.
e. Implement stronger password complexity policies.