Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Exam 9: Access Control Fundamentals

arrow
Exam 1: Introduction to Security42 Questionsadd course
Exam 2: Malware and Social Engineering Attacks42 Questionsadd course
Exam 3: Application and Network Attacks42 Questionsadd course
Exam 4: Vulnerability Assessment and Mitigating Attacks42 Questionsadd course
Exam 5: Host, Application, and Data Security42 Questionsadd course
Exam 6: Network Security42 Questionsadd course
Exam 7: Administering a Secure Network42 Questionsadd course
Exam 8: Wireless Network Security42 Questionsadd course
Exam 9: Access Control Fundamentals42 Questionsadd course
Exam 10: Authentication and Account Management42 Questionsadd course
Exam 11: Basic Cryptography42 Questionsadd course
Exam 12: Advanced Cryptography42 Questionsadd course
Exam 13: Business Continuity42 Questionsadd course
Exam 14: Risk Mitigation42 Questionsadd course
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags
search iconSearch Question
flashcardsStudy Flashcards
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags

List the steps for RADIUS authentication with a wireless device in an IEEE 802.1x network.

Free
(Essay)
4.8/5
(39)
Question 1
Correct Answer:
Verified

1. A wireless device, called the supplicant (it makes an "appeal" for access), sends a request to an AP requesting permission to join the WLAN. The AP prompts the user for the user ID and password.
2. The AP, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called the authentication request.
3. When an authentication request is received, the RADIUS server validates that the request is from an approved AP and then decrypts the data packet to access the username and password information. This information is passed on to the appropriate security user database.
4. If the username and password are correct, the RADIUS server sends an authentication acknowledgment that includes information on the user's network system and service requirements.
5. If accounting is also supported by the RADIUS server, an entry is started in the accounting database.
6. Once the server information is received and verified by the AP, it enables the necessary configuration to deliver the wireless services to the user.

Authorization and access are viewed as synonymous and in access control, they are the same step.

Free
(True/False)
4.9/5
(30)
Question 2
Correct Answer:
Verified

False

During RADIUS authentication the AP, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called the ____.

Free
(Multiple Choice)
4.8/5
(36)
Question 3
Correct Answer:
Verified

D

A(n) ____ is a set of permissions that are attached to an object.

(Multiple Choice)
4.9/5
(33)
Question 4

Describe how Kerberos works.

(Essay)
4.8/5
(31)
Question 5

The capability to look up information by name under the X.500 standard is known as a(n) ____________________-pages service.

(Short Answer)
4.8/5
(23)
Question 6

Discuss the differences between DAP and LDAP.

(Essay)
4.8/5
(28)
Question 7

____ accounts are user accounts that remain active after an employee has left an organization.

(Multiple Choice)
4.8/5
(39)
Question 8

A user or a process functioning on behalf of the user that attempts to access an object is known as the ____.

(Multiple Choice)
4.9/5
(46)
Question 9
Match each term with the correct statement below.
Premises:
Responses:
A database stored on the network itself that contains information about users and network devices
Access
The right given to access
End user
Validating credentials as genuine
Authorization
Correct Answer:
Verified
Premises:
Responses:
A database stored on the network itself that contains information about users and network devices
Access
The right given to access
End user
Validating credentials as genuine
Authorization
Granting permission to take an action
Authentication
A specific resource, such as a file or a hardware device
Identification
A review of credentials
Custodian
Individual to whom day-to-day actions have been assigned
Object
User who accesses information in the course of routine job responsibilities
Directory service
(Matching)
4.8/5
(27)
Question 10

Describe the two key elements of the MAC model.

(Essay)
4.8/5
(26)
Question 11

____ is often used for managing user access to one or more systems.

(Multiple Choice)
5.0/5
(35)
Question 12

In the UAC dialog boxes, the color ____ indicates the lowest risk.

(Multiple Choice)
4.8/5
(38)
Question 13

The action that is taken by the subject over the object is called a(n) ____.

(Multiple Choice)
4.8/5
(33)
Question 14

In the DAC model, ____________________ can create and access their objects freely.

(Short Answer)
4.8/5
(34)
Question 15

Entries in the DIB are arranged in a tree structure called the ____.

(Multiple Choice)
4.9/5
(35)
Question 16

A(n) ____ model is a standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications.

(Multiple Choice)
4.8/5
(31)
Question 17

Discuss the two significant weaknesses of DAC.

(Essay)
4.9/5
(33)
Question 18

Describe LDAP injection attacks.

(Essay)
4.7/5
(41)
Question 19

____ indicates when an account is no longer active.

(Multiple Choice)
4.9/5
(35)
Question 20
Showing 1 - 20 of 42
close modal

Filters

  • Essay(0)
  • Multiple Choice(0)
  • Short Answer(0)
  • True False(0)
  • Matching(0)