Access Control Methods Quiz

Questions and Answers

What is the primary goal of the authentication process?

To assign a unique identifier to a supplicant

To grant access to a resource without validation

To map an identifier to multiple entities within a security domain

To verify a supplicant's purported identity (correct)

What is the purpose of a token in the authentication process?

To generate a computer-generated number for remote login authentication (correct)

To map an identifier to a supplicant

To store a supplicant's password

To scan a supplicant's fingerprints

What is the difference between a password and a passphrase?

A passphrase is derived from a password

A password is public, while a passphrase is private

A password is shorter than a passphrase (correct)

A password is longer than a passphrase

What is the primary characteristic of something a supplicant has as an authentication factor?

It relies on something a supplicant has and can produce

What is the purpose of identification in a security domain?

To assign a unique identifier to a supplicant

What is the minimum requirement for strong authentication?

At minimum two different authentication mechanisms drawn from two different factors

What is the primary purpose of access control in an organization?

To determine whether and how to admit a user into a trusted area

What is a key characteristic of mandatory access controls (MACs)?

They rely on data classification schemes

What is referred to as an access control list (ACL) in lattice-based access control?

A column of attributes associated with a particular object

What type of access control is managed by a central authority in the organization?

Nondiscretionary control

What is a characteristic of discretionary access controls (DACs)?

They are implemented at the discretion of the data user

What is a common mechanism used by all access control approaches?

Authentication and authorization