Institute Of Electrical And Electronics Engineers IEEE Quiz
Settings
.
- 1.A RADIUS authentication server requires that the _____ be authenticated first.authentication server.
- A.
Authentication server
- B.
Supplicant
- C.
Authenticator
- D.
User
- 2.Each of the following make up the AAA elements in network security except _______.
- A.
Controlling access to network resources (authentication)
- B.
Enforcing security policies (authorization)
- C.
Determining user need (analyzing)
- D.
Auditing usage (accounting)
- 3.With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.
- A.
RDAP
- B.
DAP
- C.
RADIUS
- D.
AAA
- 4._____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
- A.
IEEE 802.1x
- B.
RADIUS
- C.
Kerberos
- D.
LDAP
- 5.The version of the X.500 standard that runs on a personal computer over TCP/IP is_____.
- A.
DAP
- B.
LDAP
- C.
IEEE X.501
- D.
Lite RDAP
- 6.A user entering her user name would correspond to the _____ action in access control.
- A.
Authentication
- B.
Identification
- C.
Authorization
- D.
Access
- 7.A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.
- A.
Object
- B.
Subject
- C.
Resource
- D.
Operation check
- 8.The individual who periodically reviews security settings and maintains records of access by users is called the _____.
- A.
Supervisor
- B.
Owner
- C.
Custodian
- D.
Manager
- 9.In the _____ model, the end user cannot change any security settings.
- A.
Discretionary Access Control
- B.
Security Access Control
- C.
Mandatory Access Control
- D.
Restricted Access Control
- 10.Rule Based Access Control _____.
- A.
Is considered obsolete today
- B.
Dynamically assigns roles to subjects based on rules
- C.
Is considered a real-world approach by linking a user’s job function with security
- D.
Requires that a custodian set all rules
- 11.Separation of duties requires that _____.
- A.
Processes should be divided between two or more individuals
- B.
End users cannot set security for themselves
- C.
Managers must monitor owners for security purposes
- D.
Jobs be rotated among different individuals
- 12._____ in access control means that if a condition is not explicitly met then access is to be rejected.
- A.
Denial of duties
- B.
Implicit deny
- C.
Explicit rejection
- D.
Prevention control
- 13.A(n) _____ is a set of permissions that is attached to an object.
- A.
Access control list (ACL)
- B.
Subject Access Entity (SAE)
- C.
Object modifier
- D.
Security entry designator
- 14._____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
- A.
Windows Register Settings
- B.
Group Policy
- C.
Resource Allocation Entities
- D.
AD Management Services (ADMS)
- 15.A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
- A.
SQL/LDAP insert attack
- B.
Modified Trojan attack
- C.
LDAP injection attack
- D.
RBASE plug-in attack
- 16.The least restrictive access control model is _____.
- A.
Role Based Access Control (RBAC)
- B.
Mandatory Access Control (MAC)
- C.
Discretionary Access Control (DAC)
- D.
Rule Based Access Control (RBAC)
- 17.The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
- A.
Enterprise Security
- B.
Least privilege
- C.
Deny all
- D.
Mandatory Limitations
- 18.A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
- A.
Owner
- B.
Custodian
- C.
End user
- D.
Administrator
- 19.In the Mandatory Access Control (MAC) model, every subject and object _____.
- A.
Is restricted and cannot be accessed
- B.
Is assigned a label
- C.
Can be changed by the owner
- D.
Must be given a number from 200–900
- 20.A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
- A.
Orphaned
- B.
Limbo
- C.
Static
- D.
Dormant
- 21.Each of the following is a type of authentication credential except _______.
- A.
What you have
- B.
What you are
- C.
What you discover
- D.
What you know
- 22.Which of the following is not a reason why users create weak passwords?
- A.
A lengthy and complex password can be difficult to memorize.
- B.
A security policy requires a password to be changed regularly.
- C.
Having multiple passwords makes it hard to remember all of them.
- D.
Most sites force users to create weak passwords although they do not want to.
- 23.Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?
- A.
Resetting
- B.
Capturing
- C.
Social engineering
- D.
Online guessing
- 24.What is a hybrid attack?
- A.
An attack that combines a dictionary attack with an online guessing attack
- B.
A brute force attack that uses special tables
- C.
An attack that slightly alters dictionary words
- D.
An attack that uses both automated and user input
- 25.Each of the following is a step in creating a strong password except _______.
- A.
Use a short password so the computer can process it more quickly
- B.
Avoid using phonetic words
- C.
Do not use sequences
- D.
Do not use personal information
Back to top