Access Control Models

19 Questions

Which access control model could you use to prevent users from logging into their accounts after business hours?

Mandatory access control

What is the first law of OPSEC?

If you don't know the threat, how do you know what to protect?

What is the function of the IOSS?

Providing OPSEC awareness and training

What is OPSEC concerned with?

Identifying, controlling, and protecting unclassified information associated with specific military operations and activities

In the operations security process, what is the difference between assessing threats and assessing vulnerabilities?

Threats are potential risks, while vulnerabilities are weaknesses that can be exploited

Why might you want to use information classification?

To prioritize protection of critical information

What is the origin of operations security?

The Vietnam War

Define competitive counterintelligence.

The act of collecting and analyzing actionable information about competitors

What type of data is COPPA concerned with?

Personal information of children

Which of the following best describes the primary goal of COPPA?

To give parents control over their children's online information

How do compliance and security relate to each other?

Compliance and security are interconnected but different

Why are industry regulations, such as PCI DSS, important?

To maintain a secure environment for credit card information

What are the potential impacts of being out of compliance?

Financial losses and security breaches

Which set of ISO standards might be useful for an information security program?

ISO/IEC 27001

What are the three major concerns for physical security in order of importance?

Personnel, Data, Equipment

What are the three main kinds of physical security measures?

Deterrent, Detective, Preventative

Why might you want to use RAID?

To protect data from device failures

Can you give three examples of physical controls that work as deterrents?

Signs, Guards, Dogs

What is residual data, and why is it a concern when protecting the security of your data?

Data that is still in use, but no longer needed

Test your knowledge of access control models, authorization, and OPSEC with this quiz! Learn about the different access control models, understand the process of authorization, and discover the first law of OPSEC. Challenge yourself and see how well you know these important concepts in information security.

Make Your Own Quizzes and Flashcards

Convert your notes into interactive study material.