Security + Access Control

By Joelcg
Questions: 34

Access Control


Questions and Answers
  • 1. 

    Which access control model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels?

    • A.

      DAC

    • B.

      MAC

    • C.

      RBAC

    • D.

      BAC

    Correct Answer
    A. DAC
    Explanation
    The Discretionary Access Control (DAC) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels. The Mandatory Access Control (MAC) model is a static model that uses a predefined set of access privileges to files on the system. The Role-Based Access Control (RBAC) model allows a user to act in a certain predetermined manner based on the role the user holds in the organization. BAC is not a valid access control model.

  • 2. 

    Which of the following authentication protocols is the simplest?

    • A.

      CHAP

    • B.

      Security token

    • C.

      PAP

    • D.

      Kerberos

    Correct Answer
    C. PAP
    Explanation
    Password Authentication Protocol (PAP) offers no true security and is one of the simplest forms of authentication: both the username and the password are sent as clear text and checked for a match. Challenge Handshake Authentication Protocol (CHAP) challenges a system to verify identity and employs an encrypted challenge. Security tokens are forms of certificates that contain rights and access privileges of a token bearer as part of their token. Kerberos authenticates a principal (user, system, program, and so on) and provides it with a ticket.

  • 3. 

    Which access control model is a static model that uses a predefined set of access privileges to files on the system?

    • A.

      DAC

    • B.

      MAC

    • C.

      RBAC

    • D.

      BRACK

    Correct Answer
    B. MAC
    Explanation
    The Mandatory Access Control (MAC) model is a static model that uses a predefined set of access privileges to files on the system. The Discretionary Access Control (DAC) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels. The Role-Based Access Control (RBAC) model allows a user to act in a certain predetermined manner based on the role the user holds in the organization. BRACK is not a valid access control model.

  • 4. 

    Which of the following authentication protocols authenticates a principal (user, system, program, and so on) and provides it with a ticket?

    • A.

      CHAP

    • B.

      Security token

    • C.

      PAP

    • D.

      Kerberos

    Correct Answer
    D. Kerberos
    Explanation
    Kerberos authenticates a principal (user, system, program, and so on) and provides it with a ticket. Challenge Handshake Authentication Protocol (CHAP) challenges a system to verify identity and employs an encrypted challenge. Security tokens are forms of certificates that contain rights and access privileges of a token bearer as part of their token. Password Authentication Protocol (PAP) offers no true security and is one of the simplest forms of authentication: both the username and the password are sent as clear text and checked for a match.

  • 5. 

    Which of the following authentication protocols challenges a system to verify identity and employs an encrypted challenge?

    • A.

      CHAP

    • B.

      Security token

    • C.

      PAP

    • D.

      Kerberos

    Correct Answer
    A. CHAP
    Explanation
    Challenge Handshake Authentication Protocol (CHAP) challenges a system to verify identity and employs an encrypted challenge. Security tokens are forms of certificates that contain rights and access privileges of a token bearer as part of their token. Password Authentication Protocol (PAP) offers no true security and is one of the simplest forms of authentication: both the username and the password are sent as clear text and checked for a match. Kerberos authenticates a principal (user, system, program, and so on) and provides it with a ticket.

  • 6. 

    Which of the following access attacks amounts to someone looking through your files in hopes of finding something interesting?

    • A.

      Snooping

    • B.

      Passive interception

    • C.

      Eavesdropping

    • D.

      Active interception

    Correct Answer
    A. Snooping
    Explanation
    All the choices listed are various types of access attacks. In a snooping attack, someone looks through your files in hopes of finding something interesting. In an eavesdropping attack, the attacker listens in on or overhears parts of a conversation. In a passive interception attack, someone routinely monitors network traffic. In an active interception attack, a computer is placed between the sender and receiver to capture information while it's sent.

  • 7. 

    Which of the following is not a valid access control model?

    • A.

      DAC

    • B.

      MAC

    • C.

      RBAC

    • D.

      BAC

    Correct Answer
    D. BAC
    Explanation
    BAC is not a valid access control model. The Discretionary Access Control (DAC) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels. The Mandatory Access Control (MAC) model is a static model that uses a predefined set of access privileges to files on the system. The Role-Based Access Control (RBAC) model allows a user to act in a certain predetermined manner based on the role the user holds in the organization.

  • 8. 

    Which access control model allows a user to act in a certain predetermined manner based on the role the user holds in the organization?

    • A.

      DAC

    • B.

      MAC

    • C.

      RBAC

    • D.

      SAC

    Correct Answer
    C. RBAC
    Explanation
    The Role-Based Access Control (RBAC) model allows a user to act in a certain predetermined manner based on the role the user holds in the organization. The Mandatory Access Control (MAC) model is a static model that uses a predefined set of access privileges to files on the system. The Discretionary Access Control (DAC) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels. SAC is not a valid access control model.

  • 9. 

    Which of the following is an implementation of X.500 that operates on port 389?

    • A.

      X.502

    • B.

      LDAP

    • C.

      XNS

    • D.

      XML

    Correct Answer
    B. LDAP
    Explanation
    Lightweight Directory Access Protocol (LDAP) is a pared-down X.500 implementation that operates on port 389. The other choices are not valid for this question.

  • 10. 

    Which of the following exists for every object in Active Directory and must be unique?

    • A.

      RDN

    • B.

      CN

    • C.

      UPN

    • D.

      DN

    Correct Answer
    D. DN
    Explanation
    The domain name (DN) exists for every object in Active Directory and must be unique; it is the full path of the object, including any containers. The relative distinguished name (RDN) is the portion of the name that is unique within the container. The user principal name (UPN) consists of the user account and the user's domain name and is often referred to as the friendly name. The canonical name (CN) is the distinguished name given in a top-down notation.

  • 11. 

    Which of the following is not a Microsoft protocol?

    • A.

      NFS

    • B.

      NetBIOS

    • C.

      NetBEUI

    • D.

      WINS

    Correct Answer
    A. NFS
    Explanation
    Network File System (NFS) is the default file-sharing protocol for Unix-based systems. Network Basic Input Output System (NetBIOS) is the native networking protocol of Windows-based PCs. NetBIOS Extended User Interface (NetBEUI) is used to transport NetBIOS across the LAN. Windows Internet Naming Service (WINS) translates NetBIOS names to TCP/IP addresses.

  • 12. 

    Which of the following is the portion of the name that is unique within the container?

    • A.

      RDN

    • B.

      CN

    • C.

      UPN

    • D.

      DN

    Correct Answer
    A. RDN
    Explanation
    The relative distinguished name (RDN) is the portion of the name that is unique within the container. The canonical name (CN) is the distinguished name given in a top-down notation. The user principal name (UPN) consists of the user account and the user's domain name and is often referred to as the friendly name. The domain name (DN) exists for every object in Active Directory and must be unique; it is the full path of the object, including any containers.

  • 13. 

    Which of the following is often referred to as the friendly name?

    • A.

      RDN

    • B.

      CN

    • C.

      UPN

    • D.

      DN

    Correct Answer
    C. UPN
    Explanation
    The user principal name (UPN) consists of the user account and the user's domain name and is often referred to as the friendly name. The relative distinguished name (RDN) is the portion of the name that is unique within the container. The canonical name (CN) is the distinguished name given in a top-down notation. The domain name (DN) exists for every object in Active Directory and must be unique; it is the full path of the object, including any containers.

  • 14. 

    Which of the following LDAP/Active Directory names is a distinguished name given in a top-down notation?

    • A.

      RDN

    • B.

      CN

    • C.

      UPN

    • D.

      NDP

    Correct Answer
    B. CN
    Explanation
    The canonical name (CN) is the distinguished name given in a top-down notation. The relative distinguished name (RDN) is the portion of the name that is unique within the container. The user principal name (UPN) consists of the user account and the user's domain name and is often referred to as the friendly name. The other option is not a valid choice for a type of LDAP/Active Directory name.

  • 15. 

    Which of the following is the Novell directory management service that replaced NDS?

    • A.

      DNS

    • B.

      eDirectory

    • C.

      ZENworks

    • D.

      Registry

    Correct Answer
    B. eDirectory
    Explanation
    NDS was replaced by eDirectory. The Novell bindery was replaced by NetWare/Novell Directory Service (NDS).

  • 16. 

    Which of the following is the native networking protocol of Windows-based PCs?

    • A.

      IPX/SPX

    • B.

      NetBIOS

    • C.

      NetBEUI

    • D.

      NFS

    Correct Answer
    B. NetBIOS
    Explanation
    Network Basic Input Output System (NetBIOS) is the native networking protocol of Windows-based PCs. Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) is a networking protocol proprietary to Novell that was used with NetWare 4.x and earlier versions. NetBIOS Extended User Interface (NetBEUI) is used to transport NetBIOS across the LAN. Network File System (NFS) is the default file-sharing protocol for Unix-based systems.

  • 17. 

    Which protocol is used to manage and monitor devices in a network?

    • A.

      SNMP

    • B.

      ICMP

    • C.

      IGMP

    • D.

      TFTP

    Correct Answer
    A. SNMP
    Explanation
    Simple Network Management Protocol (SNMP) is used to manage and monitor devices in a network. Internet Control Message Protocol (ICMP) is used to report errors and reply to requests from programs such as ping and traceroute. Internet Group Management Protocol (IGMP) is used to manage group or multicasting sessions. Trivial File Transfer Protocol (TFTP) is an anonymous version of FTP.

  • 18. 

    Which of the following network protocols was proprietary and used in Novell NetWare prior to version 5?

    • A.

      IPX/SPX

    • B.

      NetBIOS

    • C.

      NetBEUI

    • D.

      NFS

    Correct Answer
    A. IPX/SPX
    Explanation
    Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) is a networking protocol proprietary to Novell that was used with NetWare 4.x and earlier versions. Network Basic Input Output System (NetBIOS) was the native networking protocol of Windows-based PCs prior to TCP/IP. NetBIOS Extended User Interface (NetBEUI) is used to transport NetBIOS across the LAN. Network File System (NFS) is the default file-sharing protocol for Unix-based systems.

  • 19. 

    Which of the following is the Novell directory management service that replaced the bindery?

    • A.

      NDS

    • B.

      eDirectory

    • C.

      ZENworks

    • D.

      Registry

    Correct Answer
    A. NDS
    Explanation
    The Novell bindery was replaced by NetWare/Novell Directory Service (NDS). NDS was replaced by eDirectory.

  • 20. 

    Which of the following is used to transport NetBIOS across the LAN?

    • A.

      IPX/SPX

    • B.

      WINS

    • C.

      NetBEUI

    • D.

      NFS

    Correct Answer
    C. NetBEUI
    Explanation
    NetBIOS Extended User Interface (NetBEUI) is used to transport NetBIOS across the LAN. Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) is a networking protocol proprietary to Novell that was used with NetWare 4.x and earlier versions. Network Basic Input Output System (NetBIOS) is the native networking protocol of Windows-based PCs, and WINS (Windows Internet Name Service) is used to translate NetBIOS names to network addresses. Network File System (NFS) is the default file-sharing protocol for Unix-based systems.

  • 21. 

    Which of the following sends a message from a single system to the entire network?

    • A.

      Broadcast

    • B.

      Multicast

    • C.

      Unicast

    • D.

      Sudocast

    Correct Answer
    A. Broadcast
    Explanation
    A broadcast sends a message from a single system to the entire network. A multicast sends a message to multiple addresses. A unicast is multicast formatted but oriented at a single system. There is no such valid messaging option as sudocast.

  • 22. 

    What is the acronym used for the Remote Access Service (RAS) in the current Microsoft Windows operating systems?

    • A.

      SAR

    • B.

      RAS2

    • C.

      RRAS

    • D.

      RASTER

    Correct Answer
    C. RRAS
    Explanation
    In the current Microsoft Windows operating systems, RAS is known as Routing and Remote Access Service (RRAS). The other choices are not valid.

  • 23. 

    Which port does NNTP use?

    • A.

      49

    • B.

      110

    • C.

      119

    • D.

      138

    Correct Answer
    C. 119
    Explanation
    NNTP uses port 119. TACACS uses port 49. POP3 uses port 110. NetBIOS uses port 138 (as well as 137 and 139).

  • 24. 

    RAS connections can be made using modems and what else?

    • A.

      POX

    • B.

      CO

    • C.

      POTS

    • D.

      SOX

    Correct Answer
    C. POTS
    Explanation
    RAS connections can be made using modems and Plain Old Telephone Service (POTS).

  • 25. 

    What abbreviation is used in most PBX diagrams to signify the phone company?

    • A.

      CO

    • B.

      POTS

    • C.

      PC

    • D.

      PBX-Main

    Correct Answer
    A. CO
    Explanation
    The telephone company is always abbreviated as the central office (CO). Connections to the CO are often done through T1 and T3 lines.

  • 26. 

    Virtual private networks (VPNs) employ tunneling at which layer of the OSI model?

    • A.

      1

    • B.

      2

    • C.

      4

    • D.

      5

    Correct Answer
    B. 2
    Explanation
    VPNs employ tunneling at layer 2 of the OSI model.

  • 27. 

    Which port does TACACS use?

    • A.

      49

    • B.

      110

    • C.

      119

    • D.

      138

    Correct Answer
    A. 49
    Explanation
    TACACS uses port 49. POP3 uses port 110. NNTP uses port 119. NetBIOS uses port 138 (as well as 137 and 139).

  • 28. 

    You have been instructed by your boss to block all LDAP traffic, with and without SSL. Which port(s) should you block? (Choose all that apply.)

    • A.

      143

    • B.

      389

    • C.

      443

    • D.

      636

    Correct Answer(s)
    B. 389
    D. 636
    Explanation
    LDAP uses port 389. LDAP with SSL uses port 636. IMAP uses port 143. HTTPS uses port 443.

  • 29. 

    You want to harden your IIS web server (named blackwater) by placing stricter permissions on all anonymous users. Which user account should you place stricter permissions on?

    • A.

      IUSR_blackwater

    • B.

      Anon_blackwater

    • C.

      IIS_blackwater

    • D.

      IIS_anon

    Correct Answer
    A. IUSR_blackwater
    Explanation
    With IIS, the anonymous account is IUSR_computername, which becomes IUSR_blackwater in this case. The other options are incorrect.

  • 30. 

    You want to configure your firewall to block all NetBIOS traffic. Which port(s) should you block? (Choose all that apply.)

    • A.

      137

    • B.

      138

    • C.

      139

    • D.

      140

    Correct Answer(s)
    A. 137
    B. 138
    C. 139
    Explanation
    The NetBIOS session service uses ports 137, 138, and 139. Port 140 is not used by NetBIOS.

  • 31. 

    What type of access control device can include a scale to weigh the person before allowing them entry?

    • A.

      Mantrap

    • B.

      Biometric reader

    • C.

      TACACS

    • D.

      RADIUS

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap can incorporate scales to weigh the individual and make certain no one is sneaking in with them.

  • 32. 

    RADIUS should be used to improve security by adding a single authentication service for which type of users?

    • A.

      Local users

    • B.

      Remote users

    • C.

      Administrative users

    • D.

      Intranet users

    Correct Answer
    B. Remote users
    Explanation
    Remote Authentication Dial-In User Service (RADIUS) is used to authenticate users who connect remotely.

  • 33. 

    You want to prevent users from being able to change configuration settings in their Windows-based operating system. Which of the following will allow you to prevent users from accessing these settings?

    • A.

      ACLs

    • B.

      Domain policies

    • C.

      Logical tokens

    • D.

      Group policies

    Correct Answer
    D. Group policies
    Explanation
    Group policies can be used to prevent users from changing configuration settings in Windows-based operating systems.

  • 34. 

    You have chosen to specifically name certain users who cannot access server resources while all other users can access those resources. What is this type of access control known as?

    • A.

      CHAP

    • B.

      Anon_block

    • C.

      Implicit deny

    • D.

      Implicit accept

    Correct Answer
    C. Implicit deny
    Explanation
    With implicit deny, you deny access to named users. All other users (those not appearing in the deny list) are granted access to the resources.
