SSCP: Access Controls
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 57% Most missed: “An organization uses a biometric system with a one-to-many search method. What d…”
SSCP: Access Controls
Time left 00:00
20 Questions

1. A user professes an identity by entering a user logon name and then enters a password. What is the purpose of the logon name?
2. Which of the following models helps enforce the principle of separation of duties?
3. What type of access control is subject based?
4. An organization uses a biometric system with a one-to-many search method. What does this system provide for the organization?
5. What type of access control is subject based?
6. Of the following choices, what most accurately identifies the major drawback of SSO systems?
7. A user tries to log on to his bank account via the Internet with his username and password. The webpage then displays a message indicating a code was sent to his smartphone and prompts him to enter a six-digit code. What type of authentication is this?
8. Which of the following statements is true?
9. Access controls protect assets such as files by preventing unauthorized access. What must occur before a system can implement access controls to restrict access to these types of assets?
10. A user professes an identity by entering a user logon name and then enters a password. What is the purpose of the logon name?
11. What type of service does Kerberos provide?
12. What form(s) of authentication are individuals using when they authenticate with a hardware token and a password?
13. What is the primary goal of the Bell-LaPadula model?
14. A user tries to log on to his bank account via the Internet with his username and password. The webpage then displays a message indicating a code was sent to his smartphone and prompts him to enter a six-digit code. What type of authentication is this?
15. Which of the following statements is true?
16. Which of the following choices does NOT ensure that a password is strong?
17. Which of the following choices does NOT ensure that a password is strong?
18. Which of the following will disable an account if an attacker tries to guess the password multiple times?
19. Which of the following actions is most appropriate if an employee leaves the company?
20. What can be used to prevent a user from reusing the same password?