IS3230 CHAPTER 10 Flashcards Preview

IS3230 ACCESS CONTROL, KEY INFRASTRUCTURE > IS3230 CHAPTER 10 > Flashcards

Flashcards in IS3230 CHAPTER 10 Deck (41):
1

An element of the access control list known as (ACE) is called ___.

ACCESS CONTROL ENTRY (ACE)

2

A list of security policies that is associated with an object is called ___.

ACCESS CONTROL LIST (ACL)

3

Someone trying to compromise information or data is called ___.

ATTACKER

4

The service provided through Kerberos that identifies users on a computer system and is part of the Key Distribution Center is called ___.

AUTHENTICATION SERVICE

5

A message that is part of the Kerberos authentication process and is composed of the client ID and timestamp is called ___.

AUTHENTICATOR

6

A model that defines basic principles of access controls is called ___.

BELL-LaPADULA MODEL

7

Information that has cryptographic protection applied to it is called ___.

CLEAR TEXT

8

Products that are easily available to anyone is called ___.

COMMERCIAL OFF-THE-SHELF (COTS)

9

ISO/IEC 15408 standard for computer security is called ___.

COMMON CRITERIA

10

.Unauthorized access and release of information is called ___.

COMPROMISE

11

Used to control access to resources this is called ___.

CREDENTIALS

12

Used to protect data so that it cannot be easily read or understood is called ___.

CRYPTOGRAPHY

13

An attack against a system that limits it from doing the tasks it is intended to do is called ___.

DENIAL OF SERVICE (DoS) ATTACK

14

Provides a means of verifying identities of computer systems on an unprotected network. This is designed to provide strong authentication for client/server applications by using secret-key cryptography is called ___.

KERBEROS

15

The service or server that acts as both the ticket granting service and the authentication service is called ___.

KEY DISTRIBUTION CENTER (KDC)

16

The use of policies within a network infrastructure to limit access to resources until the system proves that it has complied with the policy is called ___.

NETWORK ACCESS CONTROL (NAC)

17

This divides the network infrastructure into seven layers and is called ___.

OPEN SYSTEMS INTERCONNECTION (OSI) REFERENCE MODEL

18

This is orange and part of the "Rainbow Series" published by the US DOD is called ___.

ORANGE BOOK

19

A key used to encrypt and decrypt messages is called ___.

SECRET KEY

20

A variable that identifies a user, group, or account is called ___.

SECURITY IDENTIFIER (SID)

21

An access point's ID on a wireless LAN is called ___.

SERVICE SET IDENTIFIER (SSID)

22

.A method of access control that allows a user to log on to a system and gain access to other resources within the network via the initial logon. It helps a user avoid having to log on multiple times and remember multiple passwords for various systems is called ___.

SINGLE SIGN-ON (SSO)

23

The act of identifying a suer as authentic with a single authentication factor is called ___.

SINGLE-FACTOR AUTHENTICATION

24

A form of encryption where the sender and the receiver use the same key for encrypting an object is called ___.

SYMMETRIC ENCRYPTION

25

Encryption used for WLANs is called ___.

TEMPORAL KEY INTEGRITY PROTOCOL (TKIP)

26

The act of identifying a suer as authentic with three authentication factors is called ___.

THREE-FACTOR AUTHENTICATION

27

A server or service that is authorized to issue tickets to the client after the client has already received a ticket granting ticket and is called ___.

TICKET-GRANTING SERVICE (TGS)

28

Being open and honest about the infrastructure; not hiding any data from the users is called ___.

TRANSPARENCY

29

The act of identifying a user as authentic with two authentication factors is called ___.

TWO-FACTOR AUTHENTICATION

30

1. What does ACL stand for?
1. Access control level
2. Access control limit
3. Access control logic
4.Access control list

Access control list

31

2. List the four types of access control models.

MANDATORY access control (MAC)
DISCRETIONARY access control (DAC)
ROLE BASED access control (RBAC)
ATTRIBUTE-BASED access control (ABAC)

32

3. Which of the following are components of a Kerberos system? (Select two)
1. TKIP
2. AS
3. GS
4. BGP

AS
GS

33

4. A switch is a divide used on which layer of the OSI model?
1. Layer 1
2. Layer 2
3. Layer 4
4. Layer 5

Layer 2

34

5. Which of the following are authentication factors? (Select three)
1, Something you need
2, Something you have
3, Something you are
4, Something you believe
5, Something you know

Something you have
Something you are
Something you know

35

6. VLANs are used to segment networks.
TRUE OR FALSE

TRUE

36

7. What are types of access control lists?
1. DACL
2. MACL
3. SACL
4. TACL

DACL
SACL

37

8. Passwords should have no time limit assigned to them.
TRUE OR FALSE

FALSE

38

9. Which of the following is the most secure encryption method for WLANs?
1. DAC
2. WEP
3. WPA
4. MAC

WPA

39

10. How many hexadecimal digits are provided by IEEE for vendor identification?
1. 6
2. 12
3. 18
4. 24

6

40

11. Which IEEE standard defines WLANs?
1. 802.11
2. 802.10
3. 802.5
4. 802.1q

802.11

41

12. Which of the following is an example of SSO?
1. Keystroke logger
2. Trojan horse
3. Kerberos
4. Broadcast domains

Kerberos