Access Control Flashcards

Flashcards in Access Control Deck (231)
0

Is an active entity (individual or process) a subject or object?

Subject

1

Is a passive entity (system or process) a subject or an object?

Object

3

Which type of control is used to reduce risk?
(Preventative, deterrent, corrective, recovery, detective, compensating, directive)

Preventative

4

Which type of control identifies violations and incidents?
(Preventative, corrective, detective, compensating, recovery, deterrent, directive)

Detective

5

Which type of control is used for remediating violations and incidents and improving preventative and detective controls?
(Preventative, detective, deterrent, corrective, compensating, recovery, directive)

Corrective

6

Which control is used for discouraging violations?
(Preventative, corrective, deterrent, recovery, detective, compensating, directive)

Deterrent

7

Which type of control is used for restoring systems and information?
(Preventative, detective, deterrent, corrective, recovery, compensating, directive)

Recovery

7

Which of these determines whether a subject can log in?
(Authentication, Authorisation, Accountability)

Authorisation

8

Which control provides alternative ways of achieving a task?
(Preventative, corrective, recovery, compensating, detective, deterrent, directive)

Compensating

9

Which of these determines what a subject can do, i.e. access rights and permissions? (Authentication, authorisation, accountability)

Authorisation (or establishment)

10

What is non-repudiation?

It means that a user cannot deny an action, because their identity is positively associated with their actions.

11

Which of these determines what a subject did?
(Authorisation, authentication, accountability)

Accountability

12

For the CISSP exam is an ATM card considered 2FA?

Yes

13

How many characters does a password have to be for it not to be stored in AD or local SAM (Security Account Manager)?

15 or longer

14

Biometrics: what is a one to one search?

Identity matched against a single image file

15

Biometrics: what is a one to many search?

Identity matched against a database of identities

16

In which type of authentication system is a false reject rate (type 1 error) used?

Biometric system

17

Note for exam: is biometric authentication considered 2FA?

No

18

What is a false reject rate (FRR) or type 1 error?

The percentage of authorised users to whom a system incorrectly denies access

19

What is a false accept rate (FAR) or type 2 error?

The percentage of unauthorised users to whom the system incorrectly grants access

20

In biometrics what is the crossover error rate (CER)?

The point at which the false accept rate equals the false reject rate

21

Which of these is considered the most important in biometric system accuracy? (False accept rate, false reject rate, crossover error rate)

Crossover error rate

22

CISSP answer: what is the most common difficulty about implementing a biometric system?

User acceptance

23

Generally accepted standards for biometric systems:
Accuracy =
Speed =
Throughput =
Enrolment time =

Accuracy = crossover error rate less than 10%
Speed = 5 seconds
Throughput = 6 to 10 per minute
Enrolment time = less than 2 minutes

24

What is the difference between a finger scan system and a fingerprint system?

Finger scan systems don't store an image of the fingerprint, but rather a digitised file describing its unique characteristics

25

What are the two benefits of a finger scan system over a fingerprint system?

- Less storage and processing resources
- Greater user acceptance, as no image of the fingerprint is stored (privacy concerns)

26

What is a hand geometry system?

A digitised image recording the length, width, height and other unique characteristics of the hand and fingers

27

Biometrics: what is the difference between a retina pattern and iris pattern?

Retina pattern records the unique pattern of the vascular elements of the retina.
Iris pattern records the unique patterns of the coloured portion of the eye.

28

What is the most secure biometric system?
(Fingerprint/scan, hand geometry, iris pattern, retina pattern, signature, voice recognition, keystroke dynamics)

Iris pattern

29

Two examples of one-time passwords are:

- Tokens
- S/Key protocol