2027) Questions & Answers {Grade A}
What is a sticky bit? - correct answer When applied to a directory it specifies that only
the owner of any file in the directory can rename, move, or delete that file.
What is a superuser? - correct answer A user that is exempt from usual access
control restrictions and has system-wide access. This account can take ownership and
change the permissions of all objects in the system. "ROOT"
What is Role-based access control? - correct answer Controls based on the roles that
users have within the system and on rules stating what accesses are allowed to users
in given roles.
What is Discretionary access control? - correct answer Controls based on the ID of the
requestor.
What is Mandatory access control? - correct answer Controls are based on comparing
labels indicating sensitivity of resources with security clearances. Entities with
clearance cannot enable other entities to access that resource.
What is Attribute-based access control? - correct answer Controls access based on
attributes of the user, the resource, and current environmental conditions.
What are mutually exclusive roles in terms of RBAC? - correct answer A user can only
be assigned to one role in the set. Any permission can be granted to only one role in
the set.
What is cardinality in terms of RBAC? - correct answer Setting a maximum number
with respect to roles.
What are prerequisite roles in terms of RBAC? - correct answer Dictates that a user
can only be assigned to a particular role if it is already assigned to some other
specified role.
What are 4 methods of procedural access control? - correct answer 1) Separation of
duties
2) Job rotation
3) Mandatory vacations
4) Principle of least privilege
What is separation of duties in terms of procedural access control? - correct answer If
a fraudulent process is going to be put into action, it should be divided between two or
more individuals. No single person should be able to carry out certain processes
unilaterally.
What is job rotation in terms of procedural access control? - correct answer Limits the
amount of time that individuals can manipulate security configurations. Exposes
potential fraud by having multiple individuals learn about the job and possibly uncover
vulnerabilities. Can reduce burnout in employees.
What are mandatory vacations in terms of procedural access control? - correct
answer For sensitive positions, individuals are mandated to take vacation and security
audits are conducted while they are away.
What is the principle of least privilege in terms of procedural access control? - correct
answer Limit access to the minimum required to do the job. Eliminate unnecessary
privileges. Should apply to users and processes.