Exam 4: Access Control

__________ is the traditional method of implementing access control.

Access control is the central element of computer security.

An access right describes the way in which a subject may access an object.

The default set of rights should always follow the rule of least privilege orread-only access

The final permission bit is the _________ bit.

A __________ is a named job function within the organization that controls this computer system.

Security labels indicate which system entities are eligible to access certainresources.

Basic access control systems typically define three classes of subject: owner, __________ and world.

__________ provide a means of adapting RBAC to the specifics of administrative and security policies in an organization.

Reliable input is an access control requirement.

A __________ is an entity capable of accessing objects.

A(n) __________ is a resource to which access is controlled.

The three types of attributes in the ABAC model are subject attributes, object attributes, and _________ attributes.

The basic elements of access control are: subject, __________, and access right.

Subject attributes, object attributes and environment attributes are the three types of attributes in the __________ model.

A user program executes in a kernel mode in which certain areas of memoryare protected from the user's use and certain instructions may not be executed.

An auditing function monitors and keeps a record of user accesses tosystem resources.

Traditional RBAC systems define the access rights of individual users andgroups of users.

The __________ component deals with the management and control of theways entities are granted access to resources.

The __________ user ID is exempt from the usual file access control constraints and has system wide access.