SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Access
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer
45
questions in
15 minutes
.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Information classification is no write up - no read down
Biba
something you know
one time
something you know
2. A password attack that encrypts all the words in the dictionary and compares the resulting hash values with those of the password
dictionary
rainbow table
one time
subjects
3. Information classification is no read up - no write down
Bell La Padula
Biba
brute force
are
4. Used by most ACLs - also known as deny by default
subjects
Biba
implicit deny
mantrap
5. Cognitive - dynamic - one-time - passphrase
synchronous
implicit deny
detective
password types
6. A password attack that tries all possible combinations until the correct password is identified
brute force
asynchronous
common locks
access control models
7. A password attack that uses a look up table containing pre-computed hashes
Biba
password policy
rainbow table
Clark Wilson
8. MAC - DAC - and RBAC
have
objects
subjects
access control models
9. CER stands for...
crossover error rate
password cracking
access control models
have
10. Preset (key in knob) - deadbolt - combination padlock - cipher
access control models
dictionary
rainbow table
common locks
11. Dictionary - hybrid - brute force - rainbow table
Bell La Padula
synchronous
group policy
password attacks
12. Token that generates a password based on challenge/response
brute force
dictionary
group policy
asynchronous
13. User - programs - processes - requesting permissions are access control ________
multifactor
subjects
crossover error rate
asynchronous
14. Tailgating - piggybacking - social engineering
preventative
mantrap
physical access control issues
Clark Wilson
15. Password length/complexity help defend against this attack
brute force
asynchronous
CER
physical access control issues
16. The most popular form of authentication
corrective
objects
authentication methods
something you know
17. Procedures -processes - controls that determine access are access control ________
password attacks
synchronous
systems
ACLs
18. Set of rules enforced by an OS to enhance security by forcing users to employ strong passwords
Bell La Padula
cognitive
password policy
password cracking
19. Security controls that thwart a security breach - i.e. require user ID and password
one time
cognitive
brute force
preventative
20. Builds on the dictionary attack by adding numbers and special characters and does some common substitution
preventative
password policy
4 steps of access control
hybrid
21. Access control model designed to prevent authorized access to classified information - concerned with information confidentiality
Bell La Padula
have
detective
brute force
22. Security controls that fix a problem or prevent further damage
hybrid
corrective
authentication methods
implicit deny
23. Lists of permission associated with objects - used in the DAC model - typically include a implicit deny rule
have
ACLs
cognitive
type I
24. Password type that best defends against password attacks - i.e. tokens
asynchronous
Bell La Padula
one time
Biba
25. Access control model that does not allow data to be accessed directly - concerned with separation of duty or function
Clark Wilson
one time
type II
dictionary
26. ACL stands for...
4 steps of access control
one time
have
access control list
27. Error caused by biometrics where the system accepts impostors - also know as false acceptance rate (FAR)
type II
systems
multifactor
something you know
28. Data - hardware - networks - facility are access control ________
Bell La Padula
subjects
asynchronous
objects
29. Something you know - have - are or location
asynchronous
rainbow table
authentication methods
are
30. Error caused by biometrics where the system rejects authorized individuals - also know as false rejection rate (FRR)
something you know
password types
type I
common locks
31. The process of recovering passwords from stored/transmitted data
cognitive
subjects
authentication methods
password cracking
32. Data can only be accessed through applications - designed to prevent unauthorized modification - errors and fraud
are
password attacks
implicit deny
Clark Wilson
33. A small room with two authentication doors - after gaining access to the 1st door the subject is locked in until access to granted to the 2nd door
ACLs
type I
mantrap
4 steps of access control
34. Token that generates a password based on time or event
mantrap
synchronous
access control models
implicit deny
35. Feature of an OS that allows for logical access control by grouping subjects with common characteristics
password attacks
group policy
4 steps of access control
detective
36. Authentication method that include pin - password - code words - personal information
brute force
Biba
password attacks
something you know
37. Access control model concerned with information integrity
Bell La Padula
Biba
subjects
brute force
38. The point at which the false rejection rate equals the false acceptance rate - used to determine the accuracy of biometric systems - low value = high accuracy
CER
authentication methods
brute force
synchronous
39. Form of authentication that relies on human characteristic - fingerprint - hand geometry - facial recognition - eye scan - voice print - DNA - something you _________
Biba
access control list
are
synchronous
40. Using any two authentication methods
two factor
brute force
mantrap
group policy
41. Form of physical authentication - id/smart card - atm card - token - key - passport - something you __________
have
systems
brute force
type I
42. Security controls that spot and capture details about a security breach - i.e. a log file
implicit deny
are
detective
common locks
43. Password type based on fact or opinion based information - best for authentication that users do not use often - easy to remember
password policy
multifactor
Biba
cognitive
44. Using three or more authentication methods
multifactor
access control list
brute force
cognitive
45. Identification - authentication - authorization - accountability
password policy
asynchronous
4 steps of access control
dictionary
