Flashcards in IS3340 CHAPTER 3 Deck (36):
An individual entry in a CACL is called ___?
ACCESS CONTROL ENTRY (ACE)
The list of access permissions for an object is called ___?
ACCESS CONTROL LIST (ACL)
Shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation is called ___?
This is an access control approach that systematically nests individual user accounts in groups that make securing objects more general. It is an acronym for Accounts, Global groups, Universal groups, domain Local groups, and Permissions and is usually called ___?
The process of collecting performance information on what actions were taken and storing that information for later analysis is called ___?
GUIDs used in the Windows registry to identify objects and record many of their attributes are called ___?
CLASS IDENTIFIERS (CLSIDs)
An international set of standards for functionality and assurance of computer security. This supersedes the Orange Book as well as other standards and is called ___?
The list of access permissions for an object, based on access granted by the object's owner is called ___?
DISCRETIONARY ACCESS CONTROL LIST (DACL)
A server computer designated to handle Active Directory requests is called ___?
Access permissions to an object calculated based on the requesting subjects' identification and group memberships is called ___?
Identification value that is unique across all environments to keep track of an object across many computers is called ___?
GLOBALLY UNIQUE ID (GUID)
A set of named entities that define a group of users for the purposes of defining permissions that apply to multiple users is called ___?
A computer network authentication protocol which allows computers to communicate in a secure manner across an insecure network, and the default authentication protocol for Windows. This is called ___?
A computer designated to authenticate users and, upon authentication, issue Kerberos keys that will allow subjects to access objects is called ___?
KEY DISTRIBUTION CENTER (KDC)
User accounts that are defined using the principle of least privilege are called ___?
LEAST PRIVILEGE USER ACCOUNTS (LUAs)
Authentication protocol used in legacy Windows systems to support secure communication across an insecure network is called ___?
NETWORK TRANSLATION LAN MANAGER (NTLM)
This was one of the early formal standards for computer security. The United States Department of Defense Trusted Computer System Evaluation Criteria (DOD-5200.28-STD) is commonly called ___.
The practice of providing a user or process with only the necessary access required to carry out a task is called ___?
PRINCIPLE OF LEAST PRIVILEGE
An encryption key that can be shared and does not need to be kept private is called ___?
A document used by Windows to store all SIDs associated with a process is called ___?
SECURITY ACCESS TOKEN (SAT)
Windows feature that prompts users for a confirmation before escalating to administrator privileges is called ___?
USER ACCOUNT CONTROL
1. Which of the following best describes the principle of least privilege?
1. Providing the necessary access to carry out any task
2. Providing access to the least number of objects possible
3. Providing just the necessary access required to carry out a task
4. Providing access equivalent to the least populated security group
Providing just the necessary access required to carry out a task
2. Which type of user account is designed using the principle of least privilege?
3. What structure does the Windows operating system use to store collections of permissions for objects?
4. If a regular user is a member of four groups, how many SIDs will be stored in the user's SAT?
5. Which of the following best describes UAC?
1. Prompts users before escalating to administrator privileges
2. Prevents processes from escalation to administrator privileges
3. Terminates programs that attempt to escalate to administrator privileges
4. Alerts users that attempts to escalate to administrator privileges have been automatically denied
Prompts users before escalating to administrator privileges
6. Which protocol does the Windows operating system use by default to authenticate computers to exchange security information?
7. When viewing an object's DACL, which permission indicates that advanced permissions have been set?
1. Extended permissions
2. Advanced permissions
3. Special permissions
4. Level II permissions
8. Which type of identifier was originally developed to identify ActiveX controls?
9. Which type of identifier is used to identify user groups?
10. If a user, user A
No, because group B denies read access to helloWorld.c
11. Why should you carefully design an auditing strategy before turning auditing on?
1. Auditing incomplete information wastes analysis time
2. Auditing too much information causes excessive overhead
3. Ad-hoc auditing rarely provides useful information
4. Audit log files only retain limited information without extensive configuration
Auditing too much information causes excessive overhead
12. Which of the following guidelines tends to provide the most useful auditing information?
1. Always audit event success and failures
2. Never audit both event successes and failures
3. Generally audit event failures
4. Do not audit event failures unless you first audit event successes
Generally audit event failures
13. What tool is most commonly used to view and search audit logs?
1. Windows Event Viewer
2. Windows Log Viewer
3. Windows Audit Viewer
4. Windows ACL Viewer
Windows Event Viewer
14. Which of the following Windows tools replaces previous legacy tools and allows ACL modifications