WGU C845 - SSCP Study Guide PT2, Exam Questions and answers, Verified. 2024

WGU C845 - SSCP Study Guide PT2, Exam Questions and answers, Verified. Which item is not part of the primary security categories? Encryption What type of technical control can be used in the process of assessing compliance? Auditing What is the result of an access control management process that adds new capabilities to users as their job tasks change over time, but does not perform a regular reassessment of the assigned authorization? Privilege Creep What are the three main components of a smart lock or an electronic access control (EAC) lock? Credential reader locking mechanism door closed sensor Which technique best describes a one-to-one search to verify an individual's claim of identity? Authentication The sensitivity adjustment on a biometric authentication device affects which of the following? False acceptance rate & False rejection rate What is the name of a physical security mechanism that is used to eliminate piggybacking and tailgating and includes two locked doorways? Mantrap Which of the following is a poor choice for secure password management? Use the default password. How does discretionary access control determine whether a subject has valid permission to access an object? Check for the user identity in the object's ACL. Question 10 :What is the type of access control in the default access control method found in Microsoft Windows which allows users to share files? Discretionary access control How can an organization protect itself from compromise by accounts that were used by previous employees? Account deactivation If information being protected is critical, which is the best course of action? The encryption password should be changed more frequently Which trust architecture or model is based on the concept of an individual top level entity that all other entities trust with entities organized in levels or layers below the top level? Hierarchical trust Which of the following types of access control is preferred for its ease of administration when there are a large number of personnel with the same job in an organization? Role-based Access Control How many accounts should a typical administrative user have and why? Two accounts: one for general tasks one for special privilege tasks How is granular control of objects and resources implemented within a mandatory access control environment? Need to know Properly managing user accounts is an essential element in maintaining security. How should the process of identity management be implemented? Policies and procedures - privileged accounts have significant access capability; define the parameters of use with authorized use policies, nondisclosure agreements, and confidentiality agreements to reduce risk. How is account provisioning commonly accomplished? Create user groups based on assigned company department or job responsibility. Why is account or identity proofing necessary? It verifies that only the authorized person is able to use a specific user account. What is the term used to describe a relationship between two entities where resources from either side can be accessed by users from either side? Two-way trust Your company has recently acquired a small startup company, Metroil. Metroil has a single Microsoft Active Directory domain named Metroil-HQ. Your company has three existing domains: BaseStar1, RemoteOf2, and RemoteOf3. Your company's three existing domains are confi