Access Control Quiz

Questions and Answers

What are the four parts of access control?

Identification, authorization, authentication, and accountability

Authentication, authorization, encryption, and monitoring

Identification, authentication, encryption, and monitoring

Identification, authentication, authorization, and accountability (correct)

What are the two phases of access control?

Identification and authentication

Logical and physical access controls

Authorization and accountability

Policy definition and policy enforcement (correct)

What are the five types of authentication?

Biometric, password, token, certificate, and PIN

Identification, authentication, authorization, accountability, and audit

Single-factor, multi-factor, strong, weak, and medium

Knowledge, ownership, characteristics, location, and action (correct)

Study Notes

Understanding Access Control: Four-Part System, Categories, Policies, and Authentication

• Access control is used to restrict and allow access to resources like computers, homes, and smartphones.
• The four parts of access control are identification, authentication, authorization, and accountability.
• Identification asks "who" is requesting access, authentication verifies the requester's identity, authorization determines what the requester can access, and accountability tracks actions to individuals.
• Access control has two phases: policy definition and policy enforcement.
• Physical access controls restrict access to physical resources like buildings and parking lots, while logical access controls restrict access to computer systems and networks.
• Access control policies are a set of rules that allow a specific group of users to perform a particular set of actions on a particular set of resources.
• The four central components of access control policies are users, resources, actions, and relationships.
• There are five types of authentication: knowledge, ownership, characteristics, location, and action.
• Brute-force and dictionary attacks are common methods used by attackers to crack passwords.
• A brute-force attack involves trying every possible combination of characters, while a dictionary attack hashes words in a dictionary and compares them to the system password file.
• Examples of logical access controls for a human resources system include deciding which users can access sensitive information, monitoring user actions, and restraining or influencing user behavior.
• Access control is important for protecting resources from unauthorized use and ensuring that actions can be traced back to individuals.

Description

Test your knowledge of access control with this informative quiz! Learn about the different methods used to restrict and allow access to various items, as well as the four-part access control system. This quiz will help you understand how access controls protect resources from unauthorized use. Challenge yourself with this quiz and become an access control expert!