What is the set of protocols and standards that provide automated ways to create,
manage, and use trust relationships between servers and clients? - answer trust
framework
What are the design concepts and ideas by which organizations identify their needs for
technical and administrative implementation of trust frameworks as part of their broader
organizational information security posture? - answer trust architecture
What type of trust relationship are the design concepts and ideas by which
organizations identify their needs for technical and administrative implementation of
trust frameworks as part of their broader organizational information security posture? -
answer one-way trust
What type of trust relationship exists when both organizations have the same level of
trust in all of the users in the other's domain? This does not have to be as high a level of
trust as what they repose in their own people but just a symmetric or matching degree
of trust. - answer two-way trust
What type of trust relationship happens when organization A trusts organization B,
organization B trusts C, and then in effect organization A trusts C? - answer transitive
What is the term for the one at the root or start of that set of relationships in a chain of trust? -
answer trust anchor
What is a virtual extension to an organization's intranet (internal LAN) system, which
allows outside organizations to have a greater degree of collaboration, information
sharing, and use of information and systems of both organizations? They typically look
to provide application-layer shared access and may do this as part of a service-oriented
architecture (SOA) approach. - answer extranet
What is an internet segment logically restricted to users who are members of the
organization (that is, insiders)? - answer intranet
Third-party trust relationships usually involve what three parties? - answer content user,
content owner, certifying authority that can attest that the content in question being sent
by the content owner to the content user is authentic
What is the triple-A of identity management? - answer authentication, authorization, and
accounting
What is the process of implementing the management decisions about a subject's
identity and the privileges associated with it into the logical, physical, and administrative
aspects of the access control functions throughout all of the systems this identity will
require (and be allowed) access to and use of? - answer provisioning
What is the process of temporarily or permanently revoking both the privileges
associated with an identity and the identity itself? - answer deprovisioning
What action on the identity blocks it from further access but changes no other data pertaining to
that identity, no matter where it might be stored in your systems? - answer revoking
What denies individual users (subjects) the capability to determine the security
characteristics of files, applications, folders, or other objects within their IT workspaces.
Users cannot make arbitrary decisions, for example, to share a folder tree if that sharing
privilege has not been previously granted to them. This implements the mandatory
security policies as defined previously and results in highly secure systems? -
answer mandatory access control (MAC)
What allows individual users to determine the security characteristics of objects, such
as files, folders, or even entire systems, within their IT workspaces. This is perhaps the
most common access control implementation methodology, as it comes built in to nearly
every modern operating system available for servers and endpoint devices. Typically,
these systems provide users with the ability to grant or deny the privileges to read, write
(or create), modify, read and execute, list contents of a folder, share, extend, view other
metadata associated with the object, and modify other such metadata? -
answer discretionary access control (DAC)
What allows the organization to choose when and how to make access control
decisions based upon a wide range of specific needs. By using role-based access
control, for example, it can (in effect) levy mandatory access control policies on one set
of subjects, under one set of roles and conditions, but allow those same subjects to
enjoy more of a discretionary access control under other conditions. Various strategies,
based on role, subject, object, or attribute, can provide the required degree of flexibility
and control? - answer nondiscretionary access control (NDAC)
What grants specific privileges to subjects regarding specific objects or classes of
objects based on the duties or tasks a person (or process) is required to fulfill. Several
key factors should influence the ways that role-based privileges are assigned? -
answer role-based access control (RBAC)
What systems combine multiple characteristics (or attributes) about a subject, an object,
or the environment to authorize or restrict access? - answer attribute-based access
control (ABAC)
What uses characteristics of each object or each class of objects to determine what
types of access requests will be granted? - answer object-based access control