Exam 12: Operational Support and Wireless Convergence

Correct Answer:

Verified

To determine what access privileges to assign, one model that should be used is role-based access control (RBAC). Instead of setting permissions for each user or group, permissions are assigned to a position ("role") and then users and other objects are assigned to that role. The users and objects inherit all of the permissions for the role. For example, instead of creating a user account Jeff.Butterfield and assigning privileges to that account, the role Comptroller can be created based on the privileges that position should have. Then the user can be assigned to that role. Individuals can hold multiple roles in RBAC.
The flexibility of RBAC makes it not only easier to establish permissions based on job classification but also facilitates enforcing those permissions. RBAC is considered a major step in keeping a WLAN secure.

Correct Answer:

Verified

A common misconception regarding security in an organization is that keeping wireless networks secure is the role of the technology staff and users have little to do with security. Nothing could be further from the truth. All computer users share responsibility for protecting the assets of an organization. Users need to receive training regarding the importance of securing information, the roles that they play in security, and the necessary steps they need to take to ward off attacks. Because new wireless attacks appear regularly and new security vulnerabilities are continuously being exposed, this training must be ongoing. User awareness is an essential element of security, demands that all users need continuous training in the new security defenses, and must be reminded of company security policies and procedures.