1. Which component of AAA is used to determine which resources a user can access and which operations the user is allowed to perform?
- auditing
- authorization
- authentication
- accounting
Explanation: One of the components in AAA is authorization. After a user is authenticated through AAA, authorization services determine which resources the user can access and which operations the user is allowed to perform.
2. What is the biggest issue with local implementation of AAA?
- Local implementation cannot provide secure authentication.
- Local implementation supports only TACACS+ servers.
- Local implementation does not scale well.
- Local implementation supports only RADIUS servers.
Explanation: One of the purposes of AAA is to provide secure authentication to network devices. Local implementation does not use RADIUS or TACACS+ servers. It relies on a local database to authenticate all users. This can be a problem in a network that has many devices with hundreds of users or more.
3. A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?
- confidentiality
- integrity
- scalability
- availability
Explanation: Availability ensures that network services are accessible and performing well under all conditions. By load balancing the traffic destined to the main web servers, in times of a huge volume of visits the systems will be well managed and serviced.
4. What is an example of privilege escalation attack?
- A threat actor sends an email to an IT manager to request the root access.
- A threat actor performs an access attack and gains the administrator password.
- A port scanning attack finds that the FTP service is running on a server that allows anonymous access.
- A DDoS attack is launched against a government server and causes the server to crash.
Explanation: With the privilege escalation exploit, vulnerabilities in servers or access control systems are exploited to grant an unauthorized user, or software process, higher levels of privilege than either should have. After the higher privilege is granted, the threat actor can access sensitive information or take control of a system.
5. What is the principle of least privilege access control model?
- User access to data is based on object attributes.
- Users control access to data they own.
- Users are granted the strictest access control possible to data.
- Users are granted rights on an as-needed approach.
Explanation: The principle of least privilege is an access control model that specifies a limited and as-needed approach to user access to data.
6. A server log includes this entry: User student accessed host server ABC using Telnet yesterday for 10 minutes. What type of log entry is this?
- accounting
- authentication
- authorization
- accessing
Explanation: Accounting records what users do and when they do it, including what is accessed, the amount of time the resource is accessed, and any changes that were made. Accounting keeps track of how network resources are used.
7. Which objective of secure communications is achieved by encrypting data?
- authentication
- availability
- confidentiality
- integrity
Explanation: When data is encrypted, it is scrambled to keep the data private and confidential so that only authorized recipients can read the message. A hash function is another way of providing confidentiality.
8. What are three access control security services? (Choose three.)
- accounting
- access
- authentication
- authorization
- availability
- repudiation
Explanation: This question refers to AAA authentication, authorization, and accountability.
9. Which access control model allows users to control access to data as an owner of that data?
- attribute-based access control
- discretionary access control
- nondiscretionary access control
- mandatory access control
Explanation: In the discretionary access control (DAC) model, users can control access to data as owners of the data.
10. Which two protocols are used to provide server-based AAA authentication? (Choose two.)
- 802.1x
- TACACS+
- SNMP
- SSH
- RADIUS
Explanation: Server-based AAA authentication uses an external TACACS or RADIUS authentication server to maintain a username and password database. When a client establishes a connection with an AAA enabled device, the device authenticates the client by querying the authentication servers.
11. What three items are components of the CIA triad? (Choose three.)
- availability
- integrity
- access
- intervention
- confidentiality
- scalability
Explanation: The CIA triad contains three components: confidentiality, integrity, and availability. It is a guideline for information security for an organization.
12. Which type of access control applies the strictest access control and is commonly used in military or mission critical applications?
- discretionary access control (DAC)
- Non-discretionary access control
- attribute-based access control (ABAC)
- mandatory access control (MAC)
Explanation: Access control models are used to define the access controls implemented to protect corporate IT resources. The different types of access control models are as follows:
- Mandatory access control (MAC) – The strictest access control that is typically used in military or mission critical applications.
- Discretionary access control (DAC) – Allows users to control access to their data as owners of that data. Access control lists (ACLs) or other security measures may be used to specify who else may have access to the information.
- Non-discretionary access control – Also known as role-based access control (RBAC). Allows access based on the role and responsibilities of the individual within the organization.
- Attribute-based access control (ABAC) – Allows access based on the attributes of the resource to be accessed, the user accessing the resource, and the environmental factors such as the time of day.