Deck 5: Access Control

1
Which of the following can negate the strength of two-factor authentication?

A) Trojan horses and man-in-the-middle attacks
B) Trojan horses and single point of entry attacks
C) Terrorist attacks and man-in-the-middle attacks
D) Terrorist attacks and dumpster diving
Trojan horses and man-in-the-middle attacks
2
Which of the following is FALSE in regard to the comparison of access control to RBAC and individual accounts?

A) RBAC is less prone to error
B) RBAC is more expensive
C) RBAC has fewer assignments to make
D) RBAC is cheaper
RBAC is more expensive
3
A person or process that requests access is known as the supplicant.
True
4
RBAC stands for role-based access control.
5
Typically, military and national security organizations have a multilevel security system.
6
Which of the following is NOT one of the rules for working in secure areas?

A) Electronic devices that can record or copy mass amounts of information should be forbidden in secure areas.
B) When no one is in a secure area, it should be locked and verified periodically.
C) Unsupervised work in secure areas should be avoided.
D) No one should be allowed to work in secure areas for more than seven hours to align with security rules.
7
In regard to COBIT, entry must be all of the following EXCEPT ________.

A) authorized
B) logged
C) monitored
D) visually recorded
8
Computer attacks rarely take place remotely over networks.
9
Media such as cameras and mobile phones with cameras in secured areas may allow a physical penetration attacker to steal information.
10
Passwords that you use for weeks or months are known as ________ passwords.

A) reusable
B) one-time
C) complex
D) strong
11
The International Data Corporation estimates that ________ percent of all accounts in larger corporations are inappropriate.

A) 20 to 40
B) approximately 25
C) approximately 35
D) 30 to 60
12
________ is having the ability to create a new password for an account.

A) A password reset
B) A password management program
C) A system reset
D) An assertion
13
What approximate percentage of calls to help desks involve lost passwords?

A) More than half
B) Approximately a quarter to a third
C) Approximately half
D) 30 to 60
14
Which of the following passwords is NOT in the top five most common for two real-world data breaches mentioned in the text?

A) 111111
B) 123456
C) qwerty
D) iloveyou
15
Which of the following passwords is considered the MOST common for two real-world data breaches mentioned in the text?

A) 111111
B) 123456
C) qwerty
D) iloveyou
16
For group or team work in a company, it is often recommended that all group members share a single account and, therefore, a single password.
17
If a systems administrator assigns access permissions to a group, the accounts of the individual members of that group automatically inherit those permissions.
18
Usernames and passwords are rarely a target for hackers due to the difficulty in cracking them.
19
A(n) ________ is made of plastic and is approximately the size of a credit or debit card.

A) access card
B) biometric card
C) token
D) RFID
20
The simplest access cards use a ________.

A) chip
B) token
C) PIN
D) magnetic strip
21
Magnetic stripe cards are ________, only containing data; smart cards are ________.

A) passive; active
B) physical; virtual
C) not secure; secure
D) new technology; old technology
22
A(n) ________ is something that represents something else.

A) access card
B) RFID
C) token
D) template
23
A PIN is typically ________.

A) four to six digits
B) four to six characters
C) at least six digits
D) at least 10 digits
24
A physical access card and a PIN are an example of ________.

A) biometric authentication
B) public key infrastructure
C) public key-private key pairs
D) two-factor authentication
25
A proximity access token contains a small ________ as a new alternative to physical security.

A) USB token
B) RFID
C) one-time password token
D) public key-private key
26
A USB token is a small device that plugs into a computer's USB port to identify the owner.
27
For easy remembering, many companies suggest that you record a PIN that you've selected on the physical access card you've been given.
28
During enrollment in a biometric authentication system, step 1 is that the ________.

A) reader scans each person's biometric data
B) reader processes the enrollment scan data
C) reader sends key feature data to the database
D) key feature data is used as a template
29
When a reader in a biometric authentication system scans a person's biometric data, what is used?

A) The entire data set that is processed
B) The first 1056 bytes of data
C) The first 256 characters of data
D) A few key features
30
When a user is scanned a second time, the reader in a biometric authentication system processes the ________ information to create key features.

A) user access data
B) supplicant scanning
C) acceptance
D) match index
31
________ refers to accuracy when a supplicant is not trying to deceive the system.

A) Error rate
B) Supplicant scanning
C) Acceptance
D) Match index
32
________ occurs if a system will not enroll a user.

A) TGT
B) FTE
C) RFID
D) PKI
33
In ________, the verifier determines whether the supplicant is a particular person.

A) verification
B) acceptance
C) supplicant scanning
D) match index
34
In ________, the verifier determines whether the supplicant is a particular person.

A) verification
B) acceptance
C) supplicant scanning
D) match index
35
Which of the following statements accurately describes fingerprint recognition?

A) Fingerprint recognition is fairly unknown to the general population.
B) Fingerprint scanners account for just a small fraction of the total biometrics market.
C) Fingerprint recognition scanners are very expensive.
D) Fingerprint recognition technology is well developed.
36
The false acceptance rate increases as the number of templates increases.
37
PKI servers must support the downloading of ________ and must respond to ________ queries.

A) CRLs; OCSP
B) PKIs; CA
C) CRLs; CA
D) HMACs; CA
38
The labor costs of provisioning are very expensive.
39
It is rarely safe to accept a digital certificate from a supplicant.
40
Authorizations for individuals can also be referred to as ________.

A) user access data
B) permissions
C) supplicant scanning
D) acceptance
41
In planning authorizations, it is important to follow ________.

A) the principle of minimum identity data
B) two-factor authentication
C) multifactor authentication
D) the principle of least permissions
42
In following the principle of least permissions, each person should only get the permissions that he or she absolutely needs to do his or her job.
43
Assigning least permissions means that the system tends to fail safely.
44
Which of the following is FALSE about log files?

A) Automatic alerts should be established.
B) Log files should be read regularly.
C) External auditing should be conducted periodically.
D) Reading log files is an easy and minimally time-consuming process.
45
________ records the actions that an account owner takes on a resource.

A) Logging
B) Authenticating
C) Verifying
D) Authorizing
46
Unless logs are studied, they are useless.
47
Auditing predicts what a person or program is likely to do in the future.
48
Which of the following is NOT a part of central authentication servers?

A) They reduce costs.
B) They give consistency in authentication no matter where a user or attacker comes into the network.
C) They only allow authentication to networks when employees are at the same physical locations as the servers.
D) They allow company-wide changes to be made instantly.
49
Which of the following is arguably the most popular central authentication server standard?

A) Kerberos
B) RADIUS
C) LDAP
D) MS-CHAP
50
Central authentication servers are quite expensive and tend to not reduce costs for a company.
51
The most widely used standard for central authentication servers is RADIUS.
52
Most companies use ________ to store data centrally in their firms.

A) Domain controller servers
B) directory servers
C) authentication servers
D) RADIUS servers
53
A directory server database schema is a hierarchical collection of ________.

A) objects
B) USB tokens
C) one-time password token
D) public keys
54
In a hierarchical database system, O represents ________ and OU represents ________.

A) organization; organizational unit
B) organization; organized understanding
C) one-time; one-time user
D) organized; organized user
55
Authentication servers communicate with directory servers using ________.

A) MS-Chap
B) LDAP
C) RADIUS
D) Kerberos
56
Microsoft's directory server product is called ________.

A) MS-Chap
B) AD
C) RADIUS
D) Kerberos
57
Directory servers are central repositories for information about people, equipment, software, and databases.
58
The OU is a shortcut way of referring to a node.
59
Nearly all directory servers support LDAP.
60
Trust means that one directory server will accept information from another.
61
In federated identity management, firms ________.

A) send assertions to one another
B) query one another's identity management databases
C) authenticate users
D) provide verification
62
Which of the following is NOT one of the three major elements of an assertion?

A) Authenticity
B) Authorization
C) Attributes
D) Nodes
63
A potential benefit of identity management is ________.

A) SAML
B) MS-Chap
C) SSO
D) XML