Mastering Technical Controls and Access Control Methods Quiz

Questions and Answers

Which type of control is strictly enforced and managed by a central authority?

• Nondiscretionary controls (correct)
• Discretionary access controls (DACs)
• Mandatory access controls (MACs)
• Access control

Which method allows users to control and provide access to information/resources at their disposal?

• Access control
• Discretionary access controls (DACs) (correct)
• Nondiscretionary controls
• Mandatory access controls (MACs)

Which mechanism allows unverified entities seeking access to a resource to provide a label by which they are known to the system?

• Technical controls
• Access control
• Identification (correct)
• Authentication

What is the process of validating a supplicant's purported identity called?

Authentication (A)

What are examples of authentication factors?

Password and passphrase (B)

Which type of control is used to determine whether and how to admit a user into a trusted area of the organization?

Access control (B)

What is the purpose of mandatory access controls (MACs)?

To use data classification schemes (B)

What is the main difference between discretionary access controls (DACs) and nondiscretionary controls?

DACs allow users to control and provide access to information/resources, while nondiscretionary controls do not (D)

What is the mechanism called where unverified entities seeking access to a resource provide a label by which they are known to the system?

Identification (D)

Which of the following is an example of an authentication factor?

Password (B)