Exam 12: Access Management
When LDAP traffic is made secure by using Secure Sockets Layer (SSL) or Transport Layer Security (TLS), what is this process called?
(Multiple Choice)
Correct Answer:
B
List three major access control models.
(Essay)
Correct Answer:
There are five major access control models: Mandatory Access Control (MAC), Discretionary Access Control (DAC), Role Based Access Control (RBAC), Rule Based Access Control (RBAC), and Attribute-Based Access Control (ABAC).
Describe LDAP injection attacks.
(Essay)
Correct Answer:
A weakness of LDAP is that it can be subject to LDAP injection attacks. These attacks, similar to SQL injection attacks, can occur when user input is not properly filtered. This may allow an attacker to construct LDAP statements based on user input statements. The attacker could then retrieve information from the LDAP database or modify its content. The defense against LDAP injection attacks is to examine all user input before processing.
With the Discretionary Access Control (DAC) model, no object has an owner; the system has total control over that object.
(True/False)
Which access control model uses access based on a user's job function within an organization?
(Multiple Choice)
A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n):
(Multiple Choice)
The action that is taken by a subject over an object is called a(n):
(Multiple Choice)
Authentication, authorization, and accounting are sometimes called AAA.
(True/False)
Although designed to support remote dial-in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs?
(Multiple Choice)
What kind of attack allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database's information?
(Multiple Choice)
Which access control model is considered to be the least restrictive?
(Multiple Choice)
Which major types of access involving system resources are controlled by ACLs? (Choose all that apply.)
(Multiple Choice)
What is the name for a predefined framework that can be used for controlling access, and is embedded into software and hardware?
(Multiple Choice)
A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as which of the following?
(Multiple Choice)
What type of computer can forward RADIUS messages between RADIUS clients and RADIUS servers?
(Multiple Choice)
What policy is designed to ensure that all confidential or sensitive materials, either in paper form or electronic, are removed from a user's workspace and secured when the items are not in use or when employees leave their workspace?
(Multiple Choice)