Deck 10: Security Structures and Identity and Access Management

1
Which of the following IT security frameworks analyzes business requirements and then creates a "chain of traceability" through the concept, design, implementation, and continual phases of the business life cycle?

A) ISO
B) NIST
C) ISACA
D) SABSA
D
2
Most U.S. organizations do not use a security framework.
False
3
Which of the following IT security frameworks is a global non-profit association that develops practices, guidance, and benchmarks, and uses a tool called Control Objectives for Information and Related Technology (COBIT)?

A) ISO
B) NIST
C) ISACA
D) SABSA
C
4
A(n) ________________ defines the actions users may perform while accessing devices and networks that belong to the organization.
5
Which of the following types of controls includes multifactor authentication, firewalls, and intrusion detection systems?

A) Administrative controls
B) Logical controls
C) Physical controls
D) Online controls
6
In social engineering _______________, a threat actor masquerades as a real or fictitious character and then plays out the role on a victim.
7
In which of the following does an attacker secretly relay and possibly alter communications between two parties who believe that they are directly communicating with each other?

A) Session hijacking
B) Man-in-the-middle attack
C) Cross-site scripting
D) Privilege escalation
8
To address security issues with directory services, many organizations are turning to what framework of business processes, policies, and technologies that facilitates the management of digital identities?
9
In which of the following does a threat actor take advantage of web applications that accept user input without validating it before presenting it back to the user?

A) Session hijacking
B) Man-in-the-middle attack
C) Cross-site scripting
D) Privilege escalation
10
Which of the following does not refer to the process of using a single authentication credential to access multiple accounts, networks, or applications?

A) TACACS+
B) Identity management
C) SSO
D) Federation