IST 266 Test4 Questions and Answers
What is the current version of TACACS? - Answer-TACACS+
How is the Security Assertion Markup Language (SAML) used? - Answer-it allows secure web domains to
exchange user authentication and authorization data
A RADIUS authentication server requires that the _____________ be authenticated firs - Answer-
supplicant
Which of these is NOT part of the makeup of the AAA elements in security? - Answer-determining user
need (analyzing)
With the development of IEEE 802.1x port security, the ________ authentication server has seen even
greater usage - Answer-radius
Which authentication protocol is available as a free download that runs on Microsoft Windows, Apple
Mac OS X, and Linux? - Answer-Kerberos
What is the version of the X.500 standard that runs on a personal computer over TCP/IP? - Answer-c.
LDAP- lightweight directory access protocol
, A user entering her user name would correspond to the _______ action in access control - Answer-
Identification
A process function on behalf of the user who attempts to access a file is known as a(n) - Answer-subject
What is the name given to the individual who periodically reviews settings and maintains records of
access by users? - Answer-custodian
In the __________ model, the end user cannot change any security settings - Answer-mandatory access
control
Which statement about Rule Based Access Control is true? - Answer-dynamically assigns roles to
subjects based on rules
_______ in access control means that if a condition is not explicitly met, then access is to be rejected -
Answer-implicit deny
Which of these is a set of permissions that is attached to an object? - Answer-Access control list (ACL)
Which Microsoft Windows feature provides centralized management and configuration of computers
and remote users who are using Active Directory? - Answer-Group Policy
A(n) _________ constructs LDAP statements based on user inputs in order to retrieve information from
the database or modify its contents - Answer-LDAP injection attack
What is the least restrictive access control model? - Answer-Discretionary Access Control (DAC)
What is the current version of TACACS? - Answer-TACACS+
How is the Security Assertion Markup Language (SAML) used? - Answer-it allows secure web domains to
exchange user authentication and authorization data
A RADIUS authentication server requires that the _____________ be authenticated firs - Answer-
supplicant
Which of these is NOT part of the makeup of the AAA elements in security? - Answer-determining user
need (analyzing)
With the development of IEEE 802.1x port security, the ________ authentication server has seen even
greater usage - Answer-radius
Which authentication protocol is available as a free download that runs on Microsoft Windows, Apple
Mac OS X, and Linux? - Answer-Kerberos
What is the version of the X.500 standard that runs on a personal computer over TCP/IP? - Answer-c.
LDAP- lightweight directory access protocol
, A user entering her user name would correspond to the _______ action in access control - Answer-
Identification
A process function on behalf of the user who attempts to access a file is known as a(n) - Answer-subject
What is the name given to the individual who periodically reviews settings and maintains records of
access by users? - Answer-custodian
In the __________ model, the end user cannot change any security settings - Answer-mandatory access
control
Which statement about Rule Based Access Control is true? - Answer-dynamically assigns roles to
subjects based on rules
_______ in access control means that if a condition is not explicitly met, then access is to be rejected -
Answer-implicit deny
Which of these is a set of permissions that is attached to an object? - Answer-Access control list (ACL)
Which Microsoft Windows feature provides centralized management and configuration of computers
and remote users who are using Active Directory? - Answer-Group Policy
A(n) _________ constructs LDAP statements based on user inputs in order to retrieve information from
the database or modify its contents - Answer-LDAP injection attack
What is the least restrictive access control model? - Answer-Discretionary Access Control (DAC)
