Security + Access Control

The Role-Based Access Control (RBAC) model allows a user to act in a certain predetermined manner based on the role the user holds in the organization. The Mandatory Access Control (MAC) model is a static model that uses a predefined set of access privileges to files on the system. The Discretionary Access Control (DAC) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels. SAC is not a valid access control model.

BAC is not a valid access control model. The Discretionary Access Control (DAC) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels. The Mandatory Access Control (MAC) model is a static model that uses a predefined set of access privileges to files on the system. The Role-Based Access Control (RBAC) model allows a user to act in a certain predetermined manner based on the role the user holds in the organization.

The Discretionary Access Control (DAC) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels. The Mandatory Access Control (MAC) model is a static model that uses a predefined set of access privileges to files on the system. The Role-Based Access Control (RBAC) model allows a user to act in a certain predetermined manner based on the role the user holds in the organization. BAC is not a valid access control model.

A broadcast sends a message from a single system to the entire network. A multicast sends a message to multiple addresses. A unicast is multicast formatted but oriented at a single system. There is no such valid messaging option as sudocast.

The Mandatory Access Control (MAC) model is a static model that uses a predefined set of access privileges to files on the system. The Discretionary Access Control (DAC) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels. The Role-Based Access Control (RBAC) model allows a user to act in a certain predetermined manner based on the role the user holds in the organization. BRACK is not a valid access control model.

All the choices listed are various types of access attacks. In a snooping attack, someone looks through your files in hopes of finding something interesting. In an eavesdropping attack, the attacker listens in on or overhears parts of a conversation. In a passive interception attack, someone routinely monitors network traffic. In an active interception attack, a computer is placed between the sender and receiver to capture information while it's sent.

Challenge Handshake Authentication Protocol (CHAP) challenges a system to verify identity and employs an encrypted challenge. Security tokens are forms of certificates that contain rights and access privileges of a token bearer as part of their token. Password Authentication Protocol (PAP) offers no true security and is one of the simplest forms of authentication: both the username and the password are sent as clear text and checked for a match. Kerberos authenticates a principal (user, system, program, and so on) and provides it with a ticket.

Remote Authentication Dial-In User Service (RADIUS) is used to authenticate users who connect remotely.

Lightweight Directory Access Protocol (LDAP) is a pared-down X.500 implementation that operates on port 389. The other choices are not valid for this question.

Simple Network Management Protocol (SNMP) is used to manage and monitor devices in a network. Internet Control Message Protocol (ICMP) is used to report errors and reply to requests from programs such as ping and traceroute. Internet Group Management Protocol (IGMP) is used to manage group or multicasting sessions. Trivial File Transfer Protocol (TFTP) is an anonymous version of FTP.

Kerberos authenticates a principal (user, system, program, and so on) and provides it with a ticket. Challenge Handshake Authentication Protocol (CHAP) challenges a system to verify identity and employs an encrypted challenge. Security tokens are forms of certificates that contain rights and access privileges of a token bearer as part of their token. Password Authentication Protocol (PAP) offers no true security and is one of the simplest forms of authentication: both the username and the password are sent as clear text and checked for a match.

Password Authentication Protocol (PAP) offers no true security and is one of the simplest forms of authentication: both the username and the password are sent as clear text and checked for a match. Challenge Handshake Authentication Protocol (CHAP) challenges a system to verify identity and employs an encrypted challenge. Security tokens are forms of certificates that contain rights and access privileges of a token bearer as part of their token. Kerberos authenticates a principal (user, system, program, and so on) and provides it with a ticket.

NetBIOS Extended User Interface (NetBEUI) is used to transport NetBIOS across the LAN. Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) is a networking protocol proprietary to Novell that was used with NetWare 4.x and earlier versions. Network Basic Input Output System (NetBIOS) is the native networking protocol of Windows-based PCs, and WINS (Windows Internet Name Service) is used to translate NetBIOS names to network addresses. Network File System (NFS) is the default file-sharing protocol for Unix-based systems.

TACACS uses port 49. POP3 uses port 110. NNTP uses port 119. NetBIOS uses port 138 (as well as 137 and 139).

Network Basic Input Output System (NetBIOS) is the native networking protocol of Windows-based PCs. Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) is a networking protocol proprietary to Novell that was used with NetWare 4.x and earlier versions. NetBIOS Extended User Interface (NetBEUI) is used to transport NetBIOS across the LAN. Network File System (NFS) is the default file-sharing protocol for Unix-based systems.

Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) is a networking protocol proprietary to Novell that was used with NetWare 4.x and earlier versions. Network Basic Input Output System (NetBIOS) was the native networking protocol of Windows-based PCs prior to TCP/IP. NetBIOS Extended User Interface (NetBEUI) is used to transport NetBIOS across the LAN. Network File System (NFS) is the default file-sharing protocol for Unix-based systems.

RAS connections can be made using modems and Plain Old Telephone Service (POTS).

The canonical name (CN) is the distinguished name given in a top-down notation. The relative distinguished name (RDN) is the portion of the name that is unique within the container. The user principal name (UPN) consists of the user account and the user's domain name and is often referred to as the friendly name. The other option is not a valid choice for a type of LDAP/Active Directory name.

VPNs employ tunneling at layer 2 of the OSI model.

The NetBIOS session service uses ports 137, 138, and 139. Port 140 is not used by NetBIOS.

A mantrap can incorporate scales to weigh the individual and make certain no one is sneaking in with them.

In the current Microsoft Windows operating systems, RAS is known as Routing and Remote Access Service (RRAS). The other choices are not valid.

NNTP uses port 119. TACACS uses port 49. POP3 uses port 110. NetBIOS uses port 138 (as well as 137 and 139).

Group policies can be used to prevent users from making configuration settings to their operating system for Windows-based operating systems.

The Novell bindery was replaced by NetWare/Novell Directory Service (NDS). NDS was replaced by eDirectory.

With implicit deny, you deny access to named users. All other users-those not appearing in the deny list-are granted access to the resources.

NDS was replaced by eDirectory. The Novell bindery was replaced by NetWare/Novell Directory Service (NDS).

Network File System (NFS) is the default file-sharing protocol for Unix-based systems. Network Basic Input Output System (NetBIOS) is the native networking protocol of Windows-based PCs. NetBIOS Extended User Interface (NetBEUI) is used to transport NetBIOS across the LAN. Windows Internet Naming Service (WINS) translates NetBIOS names to TCP/IP addresses.

The relative distinguished name (RDN) is the portion of the name that is unique within the container. The canonical name (CN) is the distinguished name given in a top-down notation. The user principal name (UPN) consists of the user account and the user's domain name and is often referred to as the friendly name. The domain name (DN) exists for every object in Active Directory and must be unique; it is the full path of the object, including any containers.

The user principal name (UPN) consists of the user account and the user's domain name and is often referred to as the friendly name. The relative distinguished name (RDN) is the portion of the name that is unique within the container. The canonical name (CN) is the distinguished name given in a top-down notation. The domain name (DN) exists for every object in Active Directory and must be unique; it is the full path of the object, including any containers.

The domain name (DN) exists for every object in Active Directory and must be unique; it is the full path of the object, including any containers. The relative distinguished name (RDN) is the portion of the name that is unique within the container. The user principal name (UPN) consists of the user account and the user's domain name and is often referred to as the friendly name. The canonical name (CN) is the distinguished name given in a top-down notation.

LDAP uses port 389. LDAP with SSL uses port 626. IMAP uses port 143. HTTPS uses port 443.

With IIS, the anonymous account is IUSR_computername, which becomes IUSR_blackwater in this case. The other options are incorrect.

The telephone company is always abbreviated as the central office (CO). Connections to the CO are often done through T1 and T3 lines.