Test your basic knowledge |

Comptia Security +: Network Access

Instructions:
  • Answer 45 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Data - hardware - networks - facility are access control ________






2. Password type based on fact or opinion based information - best for authentication that users do not use often - easy to remember






3. Error caused by biometrics where the system accepts impostors - also know as false acceptance rate (FAR)






4. Security controls that spot and capture details about a security breach - i.e. a log file






5. Builds on the dictionary attack by adding numbers and special characters and does some common substitution






6. A password attack that encrypts all the words in the dictionary and compares the resulting hash values with those of the password






7. Lists of permission associated with objects - used in the DAC model - typically include a implicit deny rule






8. A password attack that tries all possible combinations until the correct password is identified






9. MAC - DAC - and RBAC






10. Password length/complexity help defend against this attack






11. Feature of an OS that allows for logical access control by grouping subjects with common characteristics






12. Authentication method that include pin - password - code words - personal information






13. Using any two authentication methods






14. Access control model concerned with information integrity






15. Form of physical authentication - id/smart card - atm card - token - key - passport - something you __________






16. Information classification is no write up - no read down






17. Password type that best defends against password attacks - i.e. tokens






18. A small room with two authentication doors - after gaining access to the 1st door the subject is locked in until access to granted to the 2nd door






19. Form of authentication that relies on human characteristic - fingerprint - hand geometry - facial recognition - eye scan - voice print - DNA - something you _________






20. Token that generates a password based on challenge/response






21. Cognitive - dynamic - one-time - passphrase






22. Procedures -processes - controls that determine access are access control ________






23. The point at which the false rejection rate equals the false acceptance rate - used to determine the accuracy of biometric systems - low value = high accuracy






24. Used by most ACLs - also known as deny by default






25. ACL stands for...






26. Data can only be accessed through applications - designed to prevent unauthorized modification - errors and fraud






27. Access control model that does not allow data to be accessed directly - concerned with separation of duty or function






28. Security controls that thwart a security breach - i.e. require user ID and password






29. Access control model designed to prevent authorized access to classified information - concerned with information confidentiality






30. User - programs - processes - requesting permissions are access control ________






31. Tailgating - piggybacking - social engineering






32. CER stands for...






33. The process of recovering passwords from stored/transmitted data






34. A password attack that uses a look up table containing pre-computed hashes






35. Error caused by biometrics where the system rejects authorized individuals - also know as false rejection rate (FRR)






36. Set of rules enforced by an OS to enhance security by forcing users to employ strong passwords






37. Something you know - have - are or location






38. Dictionary - hybrid - brute force - rainbow table






39. Preset (key in knob) - deadbolt - combination padlock - cipher






40. Using three or more authentication methods






41. Identification - authentication - authorization - accountability






42. The most popular form of authentication






43. Security controls that fix a problem or prevent further damage






44. Information classification is no read up - no write down






45. Token that generates a password based on time or event