COMPREHENSIVE EXAM REVIEW | VERIFIED QUESTIONS &
ANSWERS | STUDY GUIDE + PRACTICE TESTS
WHAT IS ACCESS CONTROL?
ANS: THE PROCESS BY WHICH A SYSTEM DETERMINES WHO CAN USE A RESOURCE AND
HOW
______ ARE IMPLEMENTED AT THE DISCRETION OF THE DATA USER.
ANS: DISCRETIONARY ACCESS CONTROLS (DACS)
______ ARE ENFORCED BY A CENTRAL AUTHORITY RATHER THAN BY INDIVIDUAL USERS.
ANS: NONDISCRETIONARY ACCESS CONTROLS (NDACS)
A FORM OF MANDATORY ACCESS CONTROL THAT USES A MATRIX TO SPECIFY USER
PERMISSIONS IS CALLED ______.
ANS: LATTICE-BASED ACCESS CONTROLS (LBACS)
IN ______, ACCESS PRIVILEGES ARE DETERMINED BY THE SPECIFIC ROLES USERS HAVE WITHIN
AN ORGANIZATION.
ANS: ROLE-BASED ACCESS CONTROLS (RBACS)
, A ______ IS A SET OF CHARACTERS DERIVED FROM A PHRASE TO FACILITATE MEMORY RECALL
FOR AUTHENTICATION PURPOSES.
ANS: VIRTUAL PASSWORD
______ INVOLVES ASSIGNING CLASSIFICATIONS TO BOTH INFORMATION AND USERS, DICTATING
THEIR LEVEL OF ACCESS.
ANS: MANDATORY ACCESS CONTROL (MAC)
______ DETERMINES USER PERMISSIONS BASED ON USER OR SYSTEM ATTRIBUTES.
ANS: ATTRIBUTE-BASED ACCESS CONTROL (ABACS)
THE USE OF MULTIPLE METHODS OF VERIFICATION TO ESTABLISH USER IDENTITY IS KNOWN AS
______.
ANS: STRONG AUTHENTICATION
A SERIES OF CHARACTERS KNOWN ONLY TO THE USER, SERVING AS PROOF OF IDENTITY FOR
SYSTEM ACCESS, IS CALLED A ______.
ANS: PASSWORD
WHAT DOES THE FALSE REJECT RATE (FRR) MEASURE IN BIOMETRIC ACCESS CONTROLS?