Network Defense Module 3.5.2 Module 3 – Access Control Quiz Questions Exam Answers
1. Which three processes are examples of logical access controls? (Choose three.)
- swipe cards to allow access to a restricted area
- fences to protect the perimeter of a building
- guards to monitor security screens
- biometrics to validate physical characteristics
- firewalls to monitor traffic
- intrusion detection system (IDS) to watch for suspicious network activity
2. Match the type of multifactor authentication with the description.
3. An organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement?
4. When a security audit is performed at a company, the auditor reports that new users have access to network resources beyond their normal job roles. Additionally, users who move to different positions retain their prior permissions. What kind of violation is occurring?
- network policy
- least privilege
5. Which access control model assigns security privileges based on the position, responsibilities, or job classification of an individual or group within an organization?
6. Which type of access control applies the strictest access control and is commonly used in military or mission critical applications?
- discretionary access control (DAC)
- Non-discretionary access control
- mandatory access control (MAC)
- attribute-based access control (ABAC)
7. Which component is a pillar of the zero trust security approach that focuses on the secure access of devices, such as servers, printers, and other endpoints, including devices attached to IoT?
8. A user has been asked to implement IPsec for inbound external connections. The user plans to use SHA-1 as part of the implementation. The user wants to ensure the integrity and authenticity of the connection. What security tool can the user use?
9. After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.)
- Secure password storage.
- Reduce the number of privileged accounts.
- Only the CIO should have privileged access.
- No one should have privileged access.
- Enforce the principle of least privilege.
- Only managers should have privileged access.
10. What Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?
- Active Directory Security tool
- Event Viewer security log
- Computer Management
- Local Security Policy tool
11. What is the purpose of the network security accounting function?
- to require users to prove who they are
- to determine which resources a user can access
- to provide challenge and response questions
- to keep track of the actions of a user
12. Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this?
13. What is used to scan a BYOD device to verify that it is compliant with company security policies before the device is permitted to access the network?
- proxy server
14. Which AAA component can be established using token cards?