ISAC Access Control and Authentication

Question 1

What is the principle of "least privilege"?

Accepted Answer

Users should be granted the minimum level of access necessary to perform their job.

Answer

Users should only have access to the systems they use most frequently.

Answer

Users should have access to all resources for greater efficiency.

Answer

Access permissions should expire after a set period of inactivity.

Question 2

Which of the following is an example of multi-factor authentication (MFA)?

Accepted Answer

Using a password and a fingerprint scanner

Answer

Using a password and a security question

Answer

Using two different passwords

Answer

Using an access card only

Question 3

What is a strong password policy?

Accepted Answer

Requiring passwords to be at least 8 characters long, with a mix of letters, numbers, and symbols

Answer

Requiring users to change their passwords monthly

Answer

Allowing users to reuse old passwords

Answer

Requiring passwords to contain only letters and numbers

Question 4

What does two-factor authentication (2FA) protect against?

Accepted Answer

Unauthorized access from compromised credentials

Answer

Data loss during a system failure

Answer

Network downtime caused by a DDoS attack

Answer

Malware infection on a device

Question 5

Why is it important to disable unused user accounts promptly?

Accepted Answer

To prevent unauthorized access through dormant accounts

Answer

To reduce clutter in the system

Answer

To free up storage space

Answer

To improve system performance