FREE Data Warehousing on AWS: Security and Access Control Questions and Answers
Which of the following must be different for every object in Active Directory?
Every object in Active Directory has a domain name (DN), which must be distinct and contains the entire path to the object, including any containers.
The part of the name that is special within the container is called the relative distinguishing name (RDN).
The user principal name (UPN), also known as the friendly name, is made up of the user account and the user's domain name.
The distinguished name presented in a top-down notation is called the canonical name (CN).
Which of the following uses port 389 as an X.500 implementation?
A simplified version of X.500 called Lightweight Directory Access Protocol (LDAP) runs on port 389.
The other options are not acceptable answers to this question.
Which of the following access threats entails someone browsing your files in search of something intriguing?
All of the options are different access attacks.
Someone searches through your files during a snooping assault in the aim of finding something intriguing.
The attacker listens in on or overhears portions of a discussion during an eavesdropping attack.
A passive interception attack involves persistent network traffic monitoring.
A computer is positioned between the sender and recipient in an active interception attack in order to intercept information while it is being delivered.
The Novell directory management service that took the place of NDS is which of the following?
NDS was swapped out with eDirectory.
NetWare/Novell Directory Service took the position of the Novell bindery (NDS).
The friendly name for which of the following is it most common to use?
The user principal name (UPN), also known as the friendly name, is made up of the user account and the user's domain name.
The part of the name that is special within the container is called the relative distinguishing name (RDN).
The distinguished name presented in a top-down notation is called the canonical name (CN).
Every object in Active Directory has a domain name (DN), which must be distinct and contains the entire path to the object, including any containers.
Which of the following authentication protocols uses an encrypted challenge and challenges a system to confirm identity?
The Challenge Handshake Authentication Protocol (CHAP) uses an encrypted challenge to test a system's ability to confirm its identity.
Security tokens are certificates in the form of tokens that include the rights and access privileges of the token bearer.
The Password Authentication Protocol (PAP), one of the most basic methods of authentication, offers no real protection and requires the clear-text transmission of both the login and the password.
A principal (user, system, program, etc.) is authenticated by Kerberos, and it is then given a ticket.
Which of the subsequent authentication techniques is the most straightforward?
The Password Authentication Protocol (PAP), one of the most basic methods of authentication, offers no real protection and requires the clear-text transmission of both the login and the password.
The Challenge Handshake Authentication Protocol (CHAP) uses an encrypted challenge to test a system's ability to confirm its identity.
Security tokens are certificates in the form of tokens that include the rights and access privileges of the token bearer.
A principal (user, system, program, etc.) is authenticated by Kerberos, and it is then given a ticket.
Which of the following is not a protocol used by Microsoft?
For Unix-based systems, Network File System (NFS) is the standard file-sharing protocol.
The native networking protocol of computers running Windows is called Network Basic Input Output System (NetBIOS).
NetBIOS is transported across the LAN via the NetBIOS Extended User Interface (NetBEUI).
Transforming NetBIOS names into TCP/IP addresses is done by the Windows Internet Naming Service (WINS).
Which of the following authentication protocols issues a ticket to the principal (a user, system, program, etc.) after authenticating it?
A principal (user, system, program, etc.) is authenticated by Kerberos, and it is then given a ticket.
The Challenge Handshake Authentication Protocol (CHAP) uses an encrypted challenge to test a system's ability to confirm its identity.
Security tokens are certificates in the form of tokens that include the rights and access privileges of the token bearer.
The Password Authentication Protocol (PAP), one of the most basic methods of authentication, offers no real protection and requires the clear-text transmission of both the login and the password.
Out of the following LDAP/Active Directory names, which one is a distinguished name according to top-down notation?
The distinguished name presented in a top-down notation is called the canonical name (CN).
The part of the name that is special within the container is called the relative distinguishing name (RDN).
The user principal name (UPN), also known as the friendly name, is made up of the user account and the user's domain name.
The alternative is not an acceptable option for an LDAP/Active Directory name type.
Which of the following names has the distinctive part that is specific to the container?
The part of the name that is special within the container is called the relative distinguishing name (RDN).
The distinguished name presented in a top-down notation is called the canonical name (CN).
The user principal name (UPN), also known as the friendly name, is made up of the user account and the user's domain name.
Every object in Active Directory has a domain name (DN), which must be distinct and contains the entire path to the object, including any containers.
Which access control model utilizes a fixed set of access rights to files on the system and is static?
A static approach called Mandatory Access Control (MAC) uses a predetermined set of access privileges to files on the system.
The Discretionary Access Control (DAC) paradigm features optional labels and allows the owner of a resource to set rights for the data they control.
Based on the position the user has within the business, the Role-Based Access Control (RBAC) paradigm enables the user to operate in a specific predetermined manner.
A legitimate access control model is not BRACK.
Which of the following doesn't constitute a legitimate access control model?
A legitimate access control model is not BAC.
The Discretionary Access Control (DAC) paradigm features optional labels and allows the owner of a resource to set rights for the data they control.
A static approach called Mandatory Access Control (MAC) uses a predetermined set of access privileges to files on the system.
Based on the position the user has within the business, the Role-Based Access Control (RBAC) paradigm enables the user to operate in a specific predetermined manner.
Which access control model enables a person, based on the position they have within the company, to behave in a specific specified manner?
Based on the position the user has within the business, the Role-Based Access Control (RBAC) paradigm enables the user to operate in a specific predetermined manner.
A static approach called Mandatory Access Control (MAC) uses a predetermined set of access privileges to files on the system.
The Discretionary Access Control (DAC) paradigm features optional labels and allows the owner of a resource to set rights for the data they control. A legitimate access control model is not SAC.
Which of the following is the default networking protocol for computers running Windows?
The native networking protocol of computers running Windows is called Network Basic Input Output System (NetBIOS).
The networking protocol known as Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX), which is exclusive to Novell, was used with NetWare 4.x and older versions.
NetBIOS is transported across the LAN via the NetBIOS Extended User Interface (NetBEUI).
For Unix-based systems, Network File System (NFS) is the standard file-sharing protocol.
Which access control model has non-mandatory labels and allows the resource owner to set privileges to the data they own?
The Discretionary Access Control (DAC) paradigm features optional labels and allows the owner of a resource to set rights for the data they control.
A static approach called Mandatory Access Control (MAC) uses a predetermined set of access privileges to files on the system.
Based on the position the user has within the business, the Role-Based Access Control (RBAC) paradigm enables the user to operate in a specific predetermined manner.
A legitimate access control model is not BAC.