Deck 3: Authenticating Users
1
____ access controls remedy a circumstance or mitigate the damage caused during an incident.
A) Corrective
B) Detective
C) Deterrent
D) Preventive
A
2
____ reduces the chance of an individual violating information security by increasing the scrutiny on any one user.
A) Need to know
B) Least privilege
C) Access control
D) Separation of duties
D
3
____ use(s) a challenge-response system.
A) Local authentication
B) Biometrics
C) Synchronous tokens
D) Asynchronous tokens
D
4
Some firewalls use authentication to give employees access to common resources.
5
____ access controls help the organization avoid an incident.
A) Corrective
B) Detective
C) Deterrent
D) Preventive
6
For most information, the U.S. military uses a classification scheme with ____ as the uppermost tier.
A) confidential
B) secret
C) top secret
D) galactic top secret
7
A simple scheme that classifies data can allow an organization to protect sensitive information, such as marketing or research data, personnel data, customer data, and general internal communications. Which of the following categories would most likely be used for internal phone lists?
A) Public
B) For Official Use Only
C) Classified
D) Galactic Top Secret
8
Lattice-based access control is a variation of ____ access control.
A) mandatory
B) discretionary
C) nondiscretionary
D) classification
9
Role-based access controls are a type of ____ access controls.
A) mandatory
B) nondiscretionary
C) discretionary
D) task-based
10
A PIN is an example of something you ____.
A) know
B) have
C) are
D) do
11
RADIUS works with Network Address Translation (NAT).
12
Physical attributes are an example of something you ____ that can be used to verify identity.
A) know
B) have
C) are
D) do
13
In ____, access to a specific set of information is dependent on the information's content.
A) content-dependent
B) rule-based
C) role-based
D) task-based
14
IEEE 802.1x is one of the fastest growing standards being used in enterprise networks today.
15
Access controls are defined only using technology.
16
____ authentication can enable employees who work remotely or who are traveling to access your internal servers.
A) Client
B) User
C) Session
D) Synchronous
17
In a lattice-based access control, the column of attributes associated with a particular object is referred to as a(n) ____.
A) need-to-know
B) access control list (ACL)
C) classification scheme
D) rule-based configuration
18
____ authentication is most commonly set up as a form of auditing and occurs when a system records the activities of each user and writes details about each activity to a log file.
A) Local
B) Discretionary
C) Centralized
D) Decentralized
19
Most organizations do not need the detailed level of classification used by the military or federal agencies.
20
____ is most frequently associated with data classification schemes.
A) Need to know
B) Least privilege
C) Access control
D) Separation of duties
21
Client authentication or ____ authentication should be used when only a single user is coming from a single IP address.
A) discretionary
B) network
C) user
D) session
22
____________________ is the act of confirming the identity of a potential user.
23
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
Documenting the activities of the authorized individual and systems.
24
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
This principle limits individuals' information access to what is required to perform their jobs.
25
With ____________________ authentication, the firewall enables the authenticated user to access the desired resources for a specific period of time.
26
Public-Key Infrastructure (PKI) must be used for ____ authentication.
A) Kerberos
B) 802.1x Wi-Fi
C) RADIUS
D) certificate-based
27
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
Principle by which employees are provided access to the minimal amount of information for the least duration of time necessary to perform their duties
28
To configure client authentication, you need to set up one of two types of authentication systems: ____ and ____.
A) standard sign-on and specific sign-on
B) standard sign-on and single sign-on
C) Kerberos and TACACS++
D) Kerberos and RADIUS
29
The ____________________ password system, which is a feature of the Linux operating system that enables the secure storage of passwords, stores them in another file that has restricted access.
30
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
Determined by a central authority in the organization.
31
Linux stores passwords in the ____ file in encrypted format.
A) /etc/pass
B) /root/passwd
C) /etc/passwd
D) /system/password
32
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
Confirming the identity of the entity seeking access to a logical or physical area
33
____________________ IP address mappings work best because some TACACS+ systems use the source IP address to create the encryption key.
34
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
Obtaining the identity of the entity requesting access to a logical or physical area.
35
In ____________________-based access controls, access is granted based on a set of rules specified by the central authority.
36
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
Determining which actions an entity can perform in that physical or logical area.
37
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
Implemented at the discretion of the data user.
38
You might have to use TACACS+ or ____ if your firewall doesn't support authentication.
A) RADIUS
B) Kerberos
C) NAT
D) digital certificates
39
The ____ authentication server is also known as a Key Distribution Center (KDC).
A) TACACS+
B) Kerberos
C) WEP
D) RADIUS
40
Match each item with a statement below.
a. authentication
b. least privilege
c. discretionary access controls
d. authorization
e. separation of duties
f. identification
g. need to know
h. nondiscretionary access controls
i. accountability
This principle increases the security of information and other assets by requiring that more than one individual be responsible for a particular information asset, process, or task.
41
What are the functions that can be used to classify access controls?
42
What is a disadvantage of centralized authentication?
43
What are discretionary access controls?
44
Describe mandatory access control.
45
Describe security clearances.
46
Compare TACACS+ and RADIUS with regard to strength of security.
47
Describe the differences between local and centralized authentication.
48
What are the general steps a firewall uses to authenticate users?
49
What types of one-time passwords are available?
50
What are the four processes encompassed by access control?