Chapter 12

Which of the following is the Microsoft version of CHAP? MS-CHAP AD-EAP EAP-MS PAP-MICROSOFT

Which access control model is the most restrictive? DAC MAC Role-Based Access Control Rule-Based Access Control

What can be used to provide both file system security and database security? RBASEs CHAPs LDAPs ACLs

Which of the following is NOT true regarding how an enterprise should handle an orphaned or a dormant account? A formal procedure should be in place for disabling accounts for employees who are dismissed, resign, or retire from the organization. Access should be ended as soon as the employee is no longer part of the organization. Logs should be monitored because current employees are sometimes tempted to use an older dormant account instead of their own account. All orphaned and dormant accounts should be deleted immediately whenever they are discovered.

Which of the following is NOT part of the AAA framework? Access Authentication Authorization Accounting

What is the secure version of LDAP? Secure DAP 802.1x LDAPS X.500

Raul has been asked to serve as the individual to whom day-to-day actions have been assigned by the owner. What role is Raul taking? Operator Custodian Privacy officer End-user

Which can be used to establish geographical boundaries where a mobile device can and cannot be used? Geolocation policies Location-based policies Mobile device policies Restricted access control policies

A RADIUS authentication server requires the ________ to be authenticated first. authenticator authentication server user supplicant

Which of the following involves rights given to access specific resources? Authorization Access Accounting Identification

Which type of access control model uses predefined rules that makes it flexible? MAC ABAC DAC Rule-Based Access Control

How is the Security Assertion Markup Language (SAML) used? It allows secure web domains to exchange user authentication and authorization data. It is an authenticator in IEEE 802.1x. It is no longer used because it has been replaced by LDAP. It is a backup to a RADIUS server.

What is the least restrictive access control model? MAC Rule-Based Access Control DAC ABAC

What is the version of the X.500 standard that runs on a personal computer over TCP/IP? LDAP Lite RDAP IEEE X.501 DAP

Which of the following would NOT be considered as part of a clean desk policy? Do not share passwords with other employees. Place laptops in a locked filing cabinet. Keep mass storage devices locked in a drawer when not in use. Lock computer workstations when leaving the office.

Which Microsoft Windows feature provides group-based access control for centralized management and configuration of computers and remote users who are using Active Directory? Windows Registry Settings Resource Allocation Entities Group Policy AD Management Services (ADMS)

With the development of IEEE 802.1x port security, what type of authentication server has seen even greater usage? Lite RDAP RDAP RADIUS DAP

Which of these is a set of permissions that is attached to an object? Subject Access Entity (SAE) Access control list (ACL) Object modifier Security entry designator

What is the current version of TACACS? TACACS+ TRACACS TACACS v9 XTACACS

Which statement about Rule-Based Access Control is true? It is considered a real-world approach by linking a user's job function with security. It requires that a custodian set all rules. It dynamically assigns roles to subjects based on rules. It is considered obsolete today.