Institute Of Electrical And Electronics Engineers IEEE Quiz

60 Questions | Total Attempts: 185

SettingsSettingsSettings
Please wait...
IEEE Quizzes & Trivia

.


Questions and Answers
  • 1. 
    A RADIUS authentication server requires that the _____ be authenticated first.authentication server.
    • A. 

      Authentication server

    • B. 

      Supplicant

    • C. 

      Authenticator

    • D. 

      User

  • 2. 
    Each of the following make up the AAA elements in network security except _______.
    • A. 

      Controlling access to network resources (authentication)

    • B. 

      Enforcing security policies (authorization)

    • C. 

      Determining user need (analyzing)

    • D. 

      Auditing usage (accounting)

  • 3. 
    With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.
    • A. 

      RDAP

    • B. 

      DAP

    • C. 

      RADIUS

    • D. 

      AAA

  • 4. 
    _____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
    • A. 

      IEEE 802.1x

    • B. 

      RADIUS

    • C. 

      Kerberos

    • D. 

      LDAP

  • 5. 
    The version of the X.500 standard that runs on a personal computer over TCP/IP is_____.
    • A. 

      DAP

    • B. 

      LDAP

    • C. 

      IEEE X.501

    • D. 

      Lite RDAP

  • 6. 
    A user entering her user name would correspond to the _____ action in access control.
    • A. 

      Authentication

    • B. 

      Identification

    • C. 

      Authorization

    • D. 

      Access

  • 7. 
    A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.
    • A. 

      Object

    • B. 

      Subject

    • C. 

      Resource

    • D. 

      Operation check

  • 8. 
    The individual who periodically reviews security settings and maintains records of access by users is called the _____.
    • A. 

      Supervisor

    • B. 

      Owner

    • C. 

      Custodian

    • D. 

      Manager

  • 9. 
    In the _____ model, the end user cannot change any security settings.
    • A. 

      Discretionary Access Control

    • B. 

      Security Access Control

    • C. 

      Mandatory Access Control

    • D. 

      Restricted Access Control

  • 10. 
    Rule Based Access Control _____.
    • A. 

      Is considered obsolete today

    • B. 

      Dynamically assigns roles to subjects based on rules

    • C. 

      Is considered a real-world approach by linking a user’s job function with security

    • D. 

      Requires that a custodian set all rules

  • 11. 
    Separation of duties requires that _____.
    • A. 

      Processes should be divided between two or more individuals

    • B. 

      End users cannot set security for themselves

    • C. 

      Managers must monitor owners for security purposes

    • D. 

      Jobs be rotated among different individuals

  • 12. 
    _____ in access control means that if a condition is not explicitly met then access is to be rejected.
    • A. 

      Denial of duties

    • B. 

      Implicit deny

    • C. 

      Explicit rejection

    • D. 

      Prevention control

  • 13. 
    A(n) _____ is a set of permissions that is attached to an object.
    • A. 

      Access control list (ACL)

    • B. 

      Subject Access Entity (SAE)

    • C. 

      Object modifier

    • D. 

      Security entry designator

  • 14. 
    _____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
    • A. 

      Windows Register Settings

    • B. 

      Group Policy

    • C. 

      Resource Allocation Entities

    • D. 

      AD Management Services (ADMS)

  • 15. 
    A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
    • A. 

      SQL/LDAP insert attack

    • B. 

      Modified Trojan attack

    • C. 

      LDAP injection attack

    • D. 

      RBASE plug-in attack

  • 16. 
    The least restrictive access control model is _____.
    • A. 

      Role Based Access Control (RBAC)

    • B. 

      Mandatory Access Control (MAC)

    • C. 

      Discretionary Access Control (DAC)

    • D. 

      Rule Based Access Control (RBAC)

  • 17. 
    The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
    • A. 

      Enterprise Security

    • B. 

      Least privilege

    • C. 

      Deny all

    • D. 

      Mandatory Limitations

  • 18. 
    A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
    • A. 

      Owner

    • B. 

      Custodian

    • C. 

      End user

    • D. 

      Administrator

  • 19. 
    In the Mandatory Access Control (MAC) model, every subject and object _____.
    • A. 

      Is restricted and cannot be accessed

    • B. 

      Is assigned a label

    • C. 

      Can be changed by the owner

    • D. 

      Must be given a number from 200–900

  • 20. 
    A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
    • A. 

      Orphaned

    • B. 

      Limbo

    • C. 

      Static

    • D. 

      Dormant

  • 21. 
    Each of the following is a type of authentication credential except _______.
    • A. 

      What you have

    • B. 

      What you are

    • C. 

      What you discover

    • D. 

      What you know

  • 22. 
    Which of the following is not a reason why users create weak passwords?
    • A. 

      A lengthy and complex password can be difficult to memorize.

    • B. 

      A security policy requires a password to be changed regularly.

    • C. 

      Having multiple passwords makes it hard to remember all of them.

    • D. 

      Most sites force users to create weak passwords although they do not want to.

  • 23. 
    Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?
    • A. 

      Resetting

    • B. 

      Capturing

    • C. 

      Social engineering

    • D. 

      Online guessing

  • 24. 
    What is a hybrid attack?
    • A. 

      An attack that combines a dictionary attack with an online guessing attack

    • B. 

      A brute force attack that uses special tables

    • C. 

      An attack that slightly alters dictionary words

    • D. 

      An attack that uses both automated and user input

  • 25. 
    Each of the following is a step in creating a strong password except _______.
    • A. 

      Use a short password so the computer can process it more quickly

    • B. 

      Avoid using phonetic words

    • C. 

      Do not use sequences

    • D. 

      Do not use personal information