100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISSP Cram Test Questions_ Domain 3 - Identity and Access Management $10.49   Add to cart

Exam (elaborations)

CISSP Cram Test Questions_ Domain 3 - Identity and Access Management

 2 views  0 purchase
  • Course
  • Institution

CISSP Cram Test Questions_ Domain 3 - Identity and Access Management

Preview 3 out of 19  pages

  • July 4, 2024
  • 19
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
avatar-seller
CISSP Cram Test Questions: Domain 1 -
Identity and Access Management

A potential problem related to the physical installation of the Iris Scanner in regards to
the usage of the iris pattern within a biometric system is - ANS-The optical unit must be
positioned so that the sun does not shine into the aperture

In Mandatory Access Control sensitivity labels attached to object contain what
information - ANS-The items classification and category set

Which of the following is true about Kerberos - ANS-It depends upon symmetric ciphers

What is needed for System Accountability? - ANS-Audit mechanisms

What is Kerberos - ANS-A trusted third party authentication protocol

Kerberos depends upon what encryption method - ANS-Secret key cryptography

A confidential number used as an authentication factor to verify a user's identity is called
a - ANS-PIN

Individual accountability does not include? - ANS-policies and procedures

What exemplifies proper separation of duties? - ANS-operators are not permitted to
modify the system time

an access control policy for a bank teller is an example of the implementation of -
ANS-Role-based policies

Which authentication method creates a problem for mobile users - ANS-mechanisms
based on IP addresses

organization should consider what before allowing external access to their LANs via the
internet - ANS-plan for considering proper authentication protocols

Kerberos can prevent what type of attack - ANS-replay attack

,in discretionary access environments, what entity is authorized to grant information
access to other people - ANS-data owner

what is the main concern with single sign on - ANS-maximum unauthorized access
would be possible if password disclosed

Who developed one of the first mathematical models of a multilevel-security computer
system - ANS-Bell and LaPadula

what attack captures network user passwords - ANS-sniffing

what constitutes the best example of a password to use for access to a system by a
network administrator - ANS-GnN19za

what physical characteristic does a retinal scan biometric device measure - ANS-the
pattern of blood vessels at the back of the eye

What is The Computer Security Policy Model the Orange Book based on - ANS-Bell
LaPadula

The end result of implementing the principles of least privilege means which of the
following - ANS-users would get access to only the info for which they have a need to
know

The most reliable authentication method for remote access is - ANS-synchronous token

What does two-factor authentication rely - ANS-2 independent proofs of identity

The primary service provided by kerberos is - ANS-authentication

When you compare the trust models found in Kerberos with the ones in Public Key
Infrastructures (PKI), Kerberos tickets correspond most closely to - ANS-public-key
certificates

What security model allows the subject's clearance compared to the object's
classification - ANS-Bell LaPadula

What was developed to address the weakness in Kerberos - ANS-sesame

, what 2 advantages does single sign-on have - ANS-convenience and centralized
administration

what is the primary role of smart cards in a PKI - ANS-tamper resistant, mobile storage
and application of private keys of the users

what kind of certificate is used to validate a user identity - ANS-public key certificate

What is NOT a security characteristic needed to consider when choosing biometric
systems - ANS-cost

what 2 questions does biometrics use of physical attributed of a person - ANS-what part
of the body is used and how to accomplish identification that is viable

in biometric identification systems the parts of the body conveniently available for
identification are - ANS-hands, face and eyes

Controlling access to information systems and associated networks is necessary for the
preservation of - ANS-CIA

to control access by a subject involves setting up - ANS-access rules

ruled based access control access is determined by rules. Such rules would fit within
what category of access control - ANS-non-discretionary access control

the type of discretionary access control is based on an individuals identify -
ANS-identity-based access control

which access control type has a central authority that determines to what objects the
subjects have access to and it is based on role or the organizational security policy -
ANS-non-discretionary access control

Which of the control pairings includes organizational policies and procedures, pre
employment background checks, strict hiring practices - ANS-preventive/administrative
pairing

logical controls, such as encryptoin, represent which pairing - ANS-preventive/ technical
pairing

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller EXAMQA. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $10.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81531 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$10.49
  • (0)
  Add to cart