Access Control Fundamentals

Questions and Answers

What does authentication specifically verify about a user or entity?

  • The overall trustworthiness of the user's identity.
  • The validity of the user's credentials. (correct)
  • Whether the user's credentials are fictitious.
  • Whether the user has the necessary permissions to access certain data.

Which process follows authentication to determine what resources a user can access?

  • Encryption
  • Authorization (correct)
  • Audit
  • Verification

What is the primary goal of conducting an audit in the context of security?

  • To verify user credentials.
  • To ensure compliance with regulatory standards. (correct)
  • To assign permissions to users.
  • To conduct real-time monitoring of user actions.

Which statement accurately describes the relationship between authorization and authentication?

    Authentication must occur prior to authorization for effective security.

    If an entity's credentials are deemed invalid, which process has failed?

    Authentication

    What is the basis for discretionary access control (DAC)?

    It is based on the identity of the requestor and access rules.

    Which of the following best describes access control policies?

    They are generally divided into categorical groupings.

    Under discretionary access control, who has the authority to grant permissions?

    The owner of the resource being accessed.

    Which of the following statements about access rules is true?

    Access rules determine what requestors are allowed or not allowed to do.

    In discretionary access control, what aspect is most critical for defining access permissions?

    The identity of the requestor along with access rules.

    What is included in the access rights of a device apart from controlling its operation?

    Ability to read/write the device

    Which of the following is NOT a function associated with device access rights?

    Initializing network connections

    Which of the following best describes the control function related to device access rights?

    It allows the device to perform operations such as a disk seek.

    Access rights for a device facilitate which type of interaction?

    Reading, writing, and controlling device usage

    Which option represents an example of blocking/unblocking a device for use?

    Temporarily suspending the device's operation for maintenance

    What does a row in the access matrix represent?

    A protection domain with associated objects

    Which statement correctly describes protection domains?

    They can associate capabilities with different access rights.

    How can the association between a process and a protection domain be characterized?

    It can be either static or dynamic.

    What is one way protection domains are implemented in operating systems such as UNIX?

    Through differentiation between user and kernel mode.

    In terms of user access rights, what can a user do regarding processes?

    Spawn processes with a subset of their rights.

    Which of the following best describes a set of objects together with access rights?

    A protection domain

    What role does the control unit play regarding subjects accessing objects?

    It mediates access to objects based on the current state of the access matrix.

    Which aspect of protection domains offers more flexibility?

    Dynamic association with process execution

    What is the primary function of administrative policies in access control?

    To determine who can add or modify authorization rules

    Which of the following represents the purpose of dual control in security?

    To require collaboration between two or more individuals to complete tasks

    In access control, what does the term 'object' refer to?

    A container or resource that holds information

    What is denoted by 'access rights' in access control mechanisms?

    The rules governing how subjects can interact with objects

    Discretionary Access Control (DAC) allows an entity to:

    Delegate access to other entities for specific resources

    In the context of the access matrix, what do the matrix entries indicate?

    The access rights of subjects for particular objects

    Which access control structure is characterized by being often sparse?

    Access matrices

    What aspect of security does enforcing administrative policies primarily involve?

    Controlling who can modify access permissions

    What is the role of access control mechanisms in relation to administrative policies?

    To enforce the terms laid out by the administrative policies

    Which factors determine the protection level in access control?

    The environment where access control operates

    Which statement about the classes of subjects in access control is true?

    They are categorized into owner, group, and world

    Why is it important to utilize an access matrix in Discretionary Access Control?

    To provide a clear representation of subject-object interactions

    The ability to create or delete objects falls under which type of access right?

    Write access

    What is the main purpose of specifying who can modify authorization rules in access control?

    To enhance accountability and prevent unauthorized changes

    Study Notes

    Authentication

    • Authentication verifies that a user or entity is valid.

    Authorization

    • Authorization defines what access is allowed.

    Audit

    • Audits record access events and determine who did what.

    Access Control Policies

    • Access control policies specify what access is allowed.

    Discretionary Access Control (DAC)

    • Allows an entity to grant access to another entity for a specific resource.
    • This is often implemented using an access matrix, which has a row for each subject and a column for each object.
    • Each cell in the matrix indicates the access rights for the corresponding subject to the respective object.

    Administrative Policies

    • Administrative policies are needed to specify who can modify authorization rules.

    Dual Control

    • Dual control requires two or more individuals to work together to complete a task.

    Access Control Basic Elements

    • Subject: An entity capable of accessing objects (e.g., a user, a process).
    • Object: Entity containing or receiving information (e.g., files, databases).
    • Access Right: Specifies how a subject can access an object (e.g., read, write, execute, delete, create, search).

    Access Control Structures

    • An access matrix represents access rights.
    • The access matrix can be implemented using decomposition, which involves dividing a single matrix into separate structures.

    Protection Domains

    • A defined set of objects and access rights associated with them.
    • A row defines a protection domain in an access matrix.
    • Users can spawn processes with specific access rights within their protection domain.
    • The association between a process and a domain can be static or dynamic.

    Security Kernel

    • A security kernel enforces system security policies.
    • It is located in the trusted computing base (TCB), acting as an intermediary between the user and the system.

    Examples

    • The distinction between user and kernel mode in operating systems like UNIX represents a form of protection domain.
    • Devices can be controlled via access rights, including read/write access, operation control, and use blocking/unblocking.
    • Subjects can have different access rights to devices, with some having privileged access.


    Description

    This quiz covers essential concepts of access control, including authentication, authorization, audit processes, and access control policies. Test your knowledge on discretionary access control, administrative policies, and the fundamental elements that define subjects and objects in access control systems.
