Security Roundtable Quiz-3

11 Questions | Total Attempts: 348


Day 3: Access controls


Questions and Answers
  • 1. Internal intruders are NOT usually defined as:
    • A. Authorized users exceeding their authority
    • B. Persons who have defeated the physical access controls of a facility
    • C. Employees gaining access to controlled areas
    • D. Users who access unintended areas of the network

  • 2. How might an attacker with little systems experience gain privileged systems access?
    • A. Dictionary attack
    • B. Brute-force attack
    • C. Birthday attack
    • D. Shoulder-surfing attack

  • 3. Which of the following is NOT a characteristic of a virus?
    • A. Its primary effect is to consume system resources.
    • B. It may or may not carry a malicious payload.
    • C. It spreads through user action.
    • D. It attaches itself to executable code.

  • 4. Requiring approval before granting system access would be:
    • A. A physical control
    • B. A logical control
    • C. A compensating control
    • D. An administrative control

  • 5. Granting of access privileges to certain files is:
    • A. Authentication
    • B. Identification
    • C. Authorization
    • D. Accountability

  • 6. Important elements in choosing a biometric system include all of the following EXCEPT:
    • A. User acceptance
    • B. Accuracy
    • C. Productivity
    • D. Processing speed

  • 7. What is a security benefit related to thin-client architecture?
    • A. Reduced total cost of ownership of desktops
    • B. Standardized access control
    • C. Easier training for users
    • D. Wider availability of applications

  • 8. Audit logs should record all of the following EXCEPT:
    • A. Successful access attempts
    • B. System performance measurements
    • C. Failed access attempts
    • D. Changes to user permissions

  • 9. Audit logs should be protected for all of the following reasons EXCEPT:
    • A. Modification may impede an investigation.
    • B. An attacker may try to alter them.
    • C. They may contain confidential information.
    • D. Standard format is critical for automated processing.

  • 10. What is the best method of reducing a brute-force denial-of-service attack against a password file?
    • A. Setting a higher clipping level
    • B. Locking out a user for a set time period
    • C. Establishing a lockout that requires administrator intervention
    • D. Using a stronger cryptographic algorithm

  • 11. Which of the following is NOT a common attack performed against smart cards?
    • A. Etching
    • B. Microprobing
    • C. Fault generation
    • D. Eavesdropping
