Give us your feedback!
Question:
Which of the following is a remote authentication system?
Response:
KERBEROS
OpenVPN
SESAME
TACACS
Which of the following is the lowest in the OSI model:
Session
Transport
Network
Physical
Data Link
Which access control includes training?
Administrative
Technical
Organizational
Encryption, access control mechanisms, access control lists and remote access authentication protocols are all examples of
Both Technical and Administrative
Technical controls
Physical Controls
Administrative Controls
Which classification of fuel type are electrical fires given?
B
C
D
A
Which access control protects the entire system?
Operating System Controls/Policies
Data Access Controls
System Access Controls
Access Control Lists
Firewalls/IPS
What OSI Layer includes data encryption?
Datalink
Application
Presentation
Which of the following is primarily focused on restoring systems and information?
Compensating
Detective
Corrective
Preventative
Recovery
Which access control requires sensitivity labels on all subjects and objects?
Manager set control
Discretionary access control
Mandatory access control
Access List Control
Role-based access control
Which of the following have the best CER?
Hand scanning
Finger scanning
Badge Scanning
Iris Scanning
More key terms from Chapter 2
Weakness or lack of a countermeasure
Vulnerability
Entity that can exploit a vulnerability
Threat agent
The danger of having a vulnerability exploited
Exposure
The probability of a threat being realized
Risk
Presence of a vulnerability which exposes the organization
Which classification of fuel type is wood given?
Account administration, policies and standards, asset classification and reviews of audit trails are all examples of
Physical controls
Administrative controls
Both technical and administrative controls
Determining whether a subject can log into a system is an example of
Accountability
Authentication
Authorization
Match the following key terms
Availability
Reliable and timely access to data and resources
Confidentiality
Necessary level of secrecy, unauthorized disclosure is prevented
Shoulder surfing
Unauthorized viewing of information (screen peeking)
Social Engineering
Tricking someone into giving sensitive information (to gain unauthorized access)
