WGU C845 - Ch. 1 Access Control
1. Greg is the network administrator for a large stadium that hosts many events throughout the
course of the year. They equip ushers with handheld scanners to verify tickets. Ushers turn over
frequently and are often hired at the last minute. Scanners are handed out to ushers before each
event, but different ushers may use different scanners. Scanners are secured in a locked safe when
not in use. What network access control approach would be most effective for this scenario?
A. Multifactor authentication
B. Device authentication
C. Password authentication
D. No authentication: B. Device Authentication
2. Norma is helping her organization create a specialized network designed for vendors that need to
connect to Norma's organization's network to process invoices and upload inventory. This network
should be segmented from the rest of the corporate network but have a much higher degree of access
than the general public. What type of network is Norma building?
A. Internet
B. Intranet
C. Outranet
D. Extranet: D. Extranet
3. Which one of the following is an example of a nondiscretionary access control system?
A. File ACLs
B. MAC
C. DAC
D. Visitor list: B. MAC
4. Wanda is configuring device-based authentication for systems on her net- work. Which one of the
following approaches offers the strongest way to authenticate devices?
A. IP address
B. MAC address
C. Digital certificate
D. Password: C. Digital Certificate
5. When Ben lists the files on a Linux system, he sees a set of attributes as shown in the following
image. The letters rwx indicate different levels of what?
, WGU C845 - Ch. 1 Access Control
A. Identification
B. Authorization
C. Authentication
D. Accountability: B. Authorization
6. Which one of the following tools is most often used for identification pur- poses and is not
suitable for use as an authenticator?
A. Password
B. Retinal scan
C. Username
D. Token: C. Username
7. Gary is preparing to create an account for a new user and assign privileges to the HR database.
What two elements of information must Gary verify before granting this access?
A. Credentials and need to know
B. Clearance and need to know
C. Password and clearance
D. Password and biometric scan: B. Clearance and Need to know
8. When a subject claims an identity, what process is occurring?
A. Login
B. Identification
C. Authorization
D. Token presentation: B. Identification
9. Files, databases, computers, programs, processes, devices, and media are all examples of what?
A. Subjects
B. Objects
C. File stores
D. Users: B. Objects
10.MAC models use three types of environments. Which of the following is not a mandatory access
control design?
, WGU C845 - Ch. 1 Access Control
A. Hierarchical
B. Bracketed
1. Greg is the network administrator for a large stadium that hosts many events throughout the
course of the year. They equip ushers with handheld scanners to verify tickets. Ushers turn over
frequently and are often hired at the last minute. Scanners are handed out to ushers before each
event, but different ushers may use different scanners. Scanners are secured in a locked safe when
not in use. What network access control approach would be most effective for this scenario?
A. Multifactor authentication
B. Device authentication
C. Password authentication
D. No authentication: B. Device Authentication
2. Norma is helping her organization create a specialized network designed for vendors that need to
connect to Norma's organization's network to process invoices and upload inventory. This network
should be segmented from the rest of the corporate network but have a much higher degree of access
than the general public. What type of network is Norma building?
A. Internet
B. Intranet
C. Outranet
D. Extranet: D. Extranet
3. Which one of the following is an example of a nondiscretionary access control system?
A. File ACLs
B. MAC
C. DAC
D. Visitor list: B. MAC
4. Wanda is configuring device-based authentication for systems on her net- work. Which one of the
following approaches offers the strongest way to authenticate devices?
A. IP address
B. MAC address
C. Digital certificate
D. Password: C. Digital Certificate
5. When Ben lists the files on a Linux system, he sees a set of attributes as shown in the following
image. The letters rwx indicate different levels of what?
, WGU C845 - Ch. 1 Access Control
A. Identification
B. Authorization
C. Authentication
D. Accountability: B. Authorization
6. Which one of the following tools is most often used for identification pur- poses and is not
suitable for use as an authenticator?
A. Password
B. Retinal scan
C. Username
D. Token: C. Username
7. Gary is preparing to create an account for a new user and assign privileges to the HR database.
What two elements of information must Gary verify before granting this access?
A. Credentials and need to know
B. Clearance and need to know
C. Password and clearance
D. Password and biometric scan: B. Clearance and Need to know
8. When a subject claims an identity, what process is occurring?
A. Login
B. Identification
C. Authorization
D. Token presentation: B. Identification
9. Files, databases, computers, programs, processes, devices, and media are all examples of what?
A. Subjects
B. Objects
C. File stores
D. Users: B. Objects
10.MAC models use three types of environments. Which of the following is not a mandatory access
control design?
, WGU C845 - Ch. 1 Access Control
A. Hierarchical
B. Bracketed
