IT 223 Practice Test Questions with Correct Answers

Availability: Authorized entities can use a system when they need to. Access Control: ONLY authorized entities can use ONLY those resources for which they are authorized ONLY when they are allowed. Usage of Access Control Policy driven control of access to systems, data and dialogues. Examples of access control include barriers, passwords, and biometrics Define Cryptography: Underlying technology for many access control techniques. What are the 3 A's of Access Control? Authentication Authorization Auditing Define Authentication (Part of the 3 A's): Verification (or not) of an individual's claim (usually of identity) Purpose of supplicant: The person requesting access Purpose of the verifier: The entity checking the claim Define Authorization (Part of the 3 A's): Entity is given certain permissions to access particular resources. Define Auditing (Part of the 3 A's): After-the-fact analysis of data collected about an individual's activities. Activities online can be and are monitored. Define Mandatory Access Control: Strict access control barriers to gain entry, no variation allowed. Define Discretionary Access Control: A department can decide what access to allow for each individual. Multilevel Security is on a ___ NTK (need to know) access