6.1.8 Practice Questions

Authentication and authorization A remote access server performs the following functions: > Authentication is the process of proving identity. After devices agree on the authentication protocol to use, the login credentials are exchanged and login is allowed or denied. > Authorization is the process of identifying the resources that a user can access over the remote access connection. Authorization is controlled through the use of network policies (remote access policies) as well as access control lists. Accounting is an activity that tracks or logs the use of the remote access connection. Accounting is used to keep track of resource use but is not typically used to control resource use. If access is allowed or denied based on time limits, information provided by accounting might be used by authorization rules to allow or deny access. Identification is the initial process of confirming the identity of a user requesting credentials and occurs when a users types in a user ID to log on. Identity proofing occurs during the identification phase as the user proves that they are who they say they are in order to obtain credentials.

Explanation: There are a few different processes that a remote access server can use to control access to resources. One common process is to authenticate the user. This involves verifying the user's identity and making sure that they have the proper permissions to access the requested resources. Another process that may be used is to authorization, which determines what level of access the user has to the resources. For example, the server may allow the user to read data but not make any changes. The server may also limit the user's access to certain resources or areas of the network.

Detective Audit trails produced by auditing activities are a detective security control. Audit trails are used to detect the occurrence of unwanted or illegal actions by users. Audit trails give administrators the ability to reconstruct historical events and locate aberrant activities. Once an issue is discovered in an audit trail, the collected information can be used to guide the corrective or recovery procedure to restore resources, prevent re-occurrence, and prosecute the perpetrator. The security function of auditing the activities of user accounts on a secured system is considered a preventative or deterrent security control.

Explanation: Audit trails produced by auditing activities are which type of security control?Audit trails can be used as a security control to help track and monitor activity on a system or network. Audit trails can provide information on who accessed what resources, when they accessed them, and what actions they took. This information can be used to help identify and investigate security incidents.

Username Identification is the initial process of confirming the identity of a user requesting credentials and occurs when a users types in a user ID to log on. The username is used for identification, while a password, PIN, or some other cognitive information is used for authentication. Authentication is the verification of the issued identification credentials. It is usually the second step after identification and establishes the user's identity, ensuring that users are who they say they are.

Explanation: There are many different types of identification that can be used for different purposes. Some common forms of identification include a driver's license, passport, birth certificate, and social security card. Each of these documents can be used to verify your identity in different situations. For example, a driver's license can be used to prove your identity when you are driving a car, while a passport can be used to prove your identity when you are traveling internationally.

Principle of least privilege The principle of least privilege is the assignment of access permissions so that users can only access the resources required to accomplish their specific work tasks. Job rotation and cross-training involve training groups of employees how to perform multiple job roles and periodically rotating those roles. Need to know is a feature of MAC environments where data within your classification level is compartmentalized and requires specific work-task needs for privilege access.

Explanation: The security principle that you are complying with is the principle of least privilege. This principle states that users should only be given the minimum amount of access necessary to accomplish their work tasks. By only giving users access to the resources they need, you can help to prevent them from accidentally accessing or modifying resources that they should not have access to.

Need to Know Need to Know is used with mandatory access control environments to implement granular control over access to segmented and classified data. Separation of duties is the security principle that states that no single user is granted sufficient privileges to compromise the security of an entire environment. Clearance is the subject classification label that grants a user access to a specific security domain in a mandatory access control environment. Ownership is the access right in a discretionary access control environment that gives a user complete control over an object. This is usually because he or she created the object.

Explanation: The principle implemented in a mandatory access control model to determine object access by classification level is that all subjects must be authorized to access an object before they are allowed to access it. This principle is enforced by assigning a classification level to each object, and then only allowing subjects with the same or higher classification level to access the object.

Privilege creep Privilege creep occurs when a user's job position changes and he or she is granted a new set of access privileges for their new work tasks, but their previous access privileges are not removed. As a result, the user accumulates privileges over time that are not necessary for their current work tasks. This is a form of privilege escalation. Principle of least privilege and separation of duties are countermeasures against privilege escalation. Mandatory vacations are used to perform peer reviews, which requires cross-trained personnel and help detect mistakes and fraud.

Explanation: A privilege escalation is when a user gains access to resources or information that they are not normally able to access. This can happen when a user's account is compromised, when a user is given too much access to a system, or when a user finds a vulnerability in a system.

Prevent conflicts of interest The primary purpose of separation of duties is to prevent conflicts of interest by dividing administrative powers between several trusted administrators. This prevents a single person from having all of the privileges over an environment, which would create a primary target for attack and a single point of failure. Increasing administrative difficulty, informing managers that they are not trusted, or granting a greater range of control to senior management are not the primary purposes of separation of duties. Separation of duties might seem to increase administrative difficulty, but this separation provides significant security benefits. A manager is informed they are not trusted when they are not given any responsibility as opposed to a reasonable portion of responsibility. Senior management already has full control over their organization.

Explanation: The primary purpose of separation of duties is to ensure that no one individual has complete control over a process or transaction. This limits the potential for errors or fraud, as well as ensuring that critical tasks are completed in a timely manner. Separation of duties also allows for greater oversight and accountability, as multiple individuals are involved in each stage of a process.

Attribute-Based Access Control (ABAC) The ABAC model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject. The MAC model is based on classification labels being assigned to objects and clearance labels being assigned to subjects. When a subject's clearance lines up with an objects classification, the subject is granted access. The RBAC model grants access based on the subject's role in an organization. The Rule-Based Access Control model grants access based on a set of rules or policies.

Explanation: The access control model that is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject is called the attribute-based access control model. In this model, each object has a set of attributes that are used to determine whether the subject has access to the object. The attributes of the subject are compared to the attributes of the object, and if the subject has all of the attributes required to access the object, then the subject is granted access to the object.

RBAC Role-based access control (RBAC) allows access based on a role in an organization, not individual users. Roles are defined based on job description or a security-access level. Users are made members of a role and receive the permissions assigned to the role. Discretionary access control (DAC) assigns access directly to subjects based on the discretion of the owner. Objects have a discretionary access control list (DACL) with entries for each subject. Owners add subjects to the DACL and assign rights or permissions. The permissions identify the actions the subject can perform on the object. Mandatory access control (MAC) uses labels for both subjects (users who need access) and objects (resources with controlled access). When a subject's clearance lines up with an object's classification, and when the user has a need to know (referred to as a category), the user is granted access.

Explanation: The type of access control model being used is called the role-based access control" model. In this model, access to data is based on the user's role within the organization. Only users who are managers are allowed to access the specific data. This type of access control is effective in preventing unauthorized access to data."

Router access control lists that allow or deny traffic based on the characteristics of an IP packet. A router access control list that allows or denies traffic based on the characteristics of an IP packet is an example of rule-based access control. A subject with a government clearance that allows access to government classification labels of Confidential, Secret, and Top Secret is an example of mandatory access control. A member of the accounting team that is given access to the accounting department documents is an example of role-based access control. A computer file owner who grants access to the file by adding other users to an access control list is an example of discretionary access control.

Explanation: One example of rule-based access control is when a company has a set of rules that employees must follow in order to access certain areas of the company's network. For example, an employee may only be able to access the company's financial data if they have been specifically authorized to do so by their manager.