Untitled Quiz

Questions and Answers

PDF Questions PDF Answers

Who determines who gains access to the data in a DAC model?

The operating system

The system administrator

The user requesting access

The owner of the data (correct)

What is the concept of least privilege in access control?

Giving all users full access to all resources

Denying all users access to sensitive resources

Granting users the minimum access required to perform their tasks (correct)

Allowing users to access any resource they request

What permissions does the Linux permission code 764 represent?

rw-r-xr--

rwxr-xr- (correct)

rwxr--r--

rw-r-xr--

What access does the Linux permission code 764 give to the group?

Read and execute permissions

What is the main advantage of using a DAC model for access control?

It provides a fine-grained access control

What is the primary focus of Linux-based access control?

File system permissions

Why are Linux file permissions important for security professionals?

They are frequently tested on the Security+ exam

What is a common mistake when configuring Linux file permissions?

Setting permissions too permissively

What is the primary benefit of understanding Linux file permissions?

Enhanced system security

What is a key concept in Linux-based access control?

Discretionary access control

What is the primary factor that Mandatory Access Control is based on?

Classification level of the data

In the context of Linux-based access control, what type of control is used to restrict access based on a user's identity?

Discretionary Access Control

What is the primary difference between Discretionary Access Control and Mandatory Access Control?

DAC is based on user identity, while MAC is based on data classification

What type of access control is depicted in Figure 1.3?

Discretionary Access Control

What is the significance of the classification level of the data in Mandatory Access Control?

It determines the data's sensitivity level

Study Notes

Linux-Based Access Control

• Linux file permissions are a crucial aspect of the Security+ exam, despite not being explicitly mentioned in the exam objectives.

Discretionary Access Control (DAC)

• In a DAC model, the owner of the data determines who gains access to it.

Least Privilege

• Least privilege is a principle that grants users only the minimum level of access and privileges required to perform their tasks.

Linux File Permissions

• The Linux permission of 764 grants the following access: • Owner: Read, Write, and Execute (7) • Group: Read and Write (6) • Others: Read (4)

Example of DAC File Permissions

• A user named Ian has Read and Read & Execute permissions, as illustrated in Figure 1.3.

Mandatory Access Control (MAC)

• MAC is based on the classification level of the data, unlike DAC which is based on the owner's discretion.