Logical Security Controls Quiz

Questions and Answers

Which type of control is exemplified by fences, doors, and locks?

Cyber control

Physical control (correct)

Logical control

Procedural control

What is the primary function of an access control system described in the AAA triad?

Authorization

Authentication (correct)

Accession

Accounting

Which of the following is an example of a logical control?

Fences and locks

User authentication (correct)

Management oversight

Incident response processes

What is the main purpose of a firewall as a security control?

Controlling network communications

What is a permission in the context of access control?

A security setting that determines the level of access an account has to a particular resource

What is an access control entry (ACE) used for within an ACL?

Identifies a subject and the permissions it has for the resource

How are subjects typically identified in network firewalls?

By MAC address, IP address, and/or port number

What is the principle of implicit deny in ACL security?

Unless there is a rule specifying that access should be granted, any request for access is denied

What is the complementary principle to implicit deny in access control?

Least Privilege

What is the identifier used in the underlying permission entries in Windows directory permissions?

Unique security ID (SID)

What happens if an account is deleted and then recreated with the same username in Windows directory permissions?

The SID will still be different, and any permissions assigned to the account will have to be recreated

How are firewall policies typically processed when filtering access requests?

In order from top to bottom, with the last (default) rule being to refuse the request if it doesn't fit any of the rules