Access Control Methods Quiz

Questions and Answers

What is the primary goal of the authentication process?

• To assign a unique identifier to a supplicant
• To grant access to a resource without validation
• To map an identifier to multiple entities within a security domain
• To verify a supplicant's purported identity (correct)

What is the purpose of a token in the authentication process?

• To generate a computer-generated number for remote login authentication (correct)
• To map an identifier to a supplicant
• To store a supplicant's password
• To scan a supplicant's fingerprints

What is the difference between a password and a passphrase?

• A passphrase is derived from a password
• A password is public, while a passphrase is private
• A password is shorter than a passphrase (correct)
• A password is longer than a passphrase

What is the primary characteristic of something a supplicant has as an authentication factor?

It relies on something a supplicant has and can produce (D)

What is the purpose of identification in a security domain?

To assign a unique identifier to a supplicant (B)

What is the minimum requirement for strong authentication?

At minimum two different authentication mechanisms drawn from two different factors (B)

What is the primary purpose of access control in an organization?

To determine whether and how to admit a user into a trusted area (B)

What is a key characteristic of mandatory access controls (MACs)?

They rely on data classification schemes (A)

What is referred to as an access control list (ACL) in lattice-based access control?

A column of attributes associated with a particular object (B)

What type of access control is managed by a central authority in the organization?

Nondiscretionary control (A)

What is a characteristic of discretionary access controls (DACs)?

They are implemented at the discretion of the data user (C)

What is a common mechanism used by all access control approaches?

Authentication and authorization (B)