Chapter 5 ITSY 1300 Questions with 100% Correct
Answers 2025 | 2026
Choose the access control component(s) that is/are part of
policy definition. (Choose one or more. Deductions will be
made for incorrect selections.) - ANSWER Authorization
What is the difference between physical access controls and
logical access controls? - ANSWER Physical access controls
control access into buildings and locations, while logical access
controls control access into computer systems or networks.
What is the security kernel database? - ANSWER he security
kernel's list of access rights rules.
What is the difference between group membership policies and
authority-level policies? - ANSWER In group membership
policies, authoriziation is defined by what group(s) you're in.
Authority-level policies are based on degrees of authority.
What is the difference between identification and
authentication? - ANSWER Identification is the method a
, subject uses to request access to a system or resource, while
authentication is the process of verifying the requestor's claim.
List the five types of authentication. - ANSWER Knowledge
(something you know)
Ownership (something you have)
Characteristics (something you are--biometrics)
Location (where you are)
Action (something you do or how you do it).
List one password best practice. - ANSWER Never share your
passwords with anyone, it should be kept private.
What is the difference between a synchronous token and an
asynchronous token? - ANSWER A synchronous token uses an
algorithm that calculates a number at both the authentication
server and the device. An asynchronous token uses challenge-
response technology to authenticate.
Answers 2025 | 2026
Choose the access control component(s) that is/are part of
policy definition. (Choose one or more. Deductions will be
made for incorrect selections.) - ANSWER Authorization
What is the difference between physical access controls and
logical access controls? - ANSWER Physical access controls
control access into buildings and locations, while logical access
controls control access into computer systems or networks.
What is the security kernel database? - ANSWER he security
kernel's list of access rights rules.
What is the difference between group membership policies and
authority-level policies? - ANSWER In group membership
policies, authoriziation is defined by what group(s) you're in.
Authority-level policies are based on degrees of authority.
What is the difference between identification and
authentication? - ANSWER Identification is the method a
, subject uses to request access to a system or resource, while
authentication is the process of verifying the requestor's claim.
List the five types of authentication. - ANSWER Knowledge
(something you know)
Ownership (something you have)
Characteristics (something you are--biometrics)
Location (where you are)
Action (something you do or how you do it).
List one password best practice. - ANSWER Never share your
passwords with anyone, it should be kept private.
What is the difference between a synchronous token and an
asynchronous token? - ANSWER A synchronous token uses an
algorithm that calculates a number at both the authentication
server and the device. An asynchronous token uses challenge-
response technology to authenticate.
