MIS 4850 Systems Security Review Questions | Chapter 5-2 Access Control

wispsyndicateΑσφάλεια

23 Φεβ 2014 (πριν από 3 χρόνια και 8 μήνες)

402 εμφανίσεις

C:
\
Program Files
\
neevia.com
\
docConverterPro
\
temp
\
NVDC
\
C8795120
-
D019
-
4D77
-
9359
-
12538E0542EA
\
wispsyndicate_612f78a7
-
55ec
-
4e41
-
b6d2
-
2cbfbbab9994.doc


1
/
3

MIS 4850 Systems Security

Review Questions

|
Chapter 5
-
2

Access Control


Student Name: ____________________________________________


Chapter 5
:
Physical/
Site Security

(p.251
-
260)

1
.

Allowing a second person to follow someone through a secure door without
the second
person being authenticated is _____.

a.

piggybacking

b.

two
-
factor authentication

c.

sequential access

d.

Dumpster diving

e.

unfortunate but generally acceptable to security professionals

2
.

It may be possible to find media containing sensitive
corporate data through _____.

a.

piggybacking

b.

two
-
factor authentication

c.

sequential access

d.

Dumpster diving

e.

Shredding


3.


Which of the following is
not

one of the rules for working in secure areas?

A) Unsupervised work in secure areas should be
avoided.

B) When no one is in a secure area, it should be locked and verified periodically.

C) No one should be allowed to work in secure areas for more than four hours in a row.

D) Electronic devices that can record or copy mass amounts of information sho
uld be forbidden
in secure areas.


4.

Which of the following should be forbidden in secure areas?

A) cameras

B) USB flash drives

C) Both A and B

D) Neither A nor B



5.
Placing sensitive equipment in secure areas to minimize potential threats and damage is

called
siting.


a) TRUE

b) FALSE



6.


If a laptop needs to be taken off premises, ________.

A) it should first be logged out.

B) it should be logged in when returned

C) all sensitive information should be removed

D) All of the above

C:
\
Program Files
\
neevia.com
\
docConverterPro
\
temp
\
NVDC
\
C8795120
-
D019
-
4D77
-
9359
-
12538E0542EA
\
wispsyndicate_612f78a7
-
55ec
-
4e41
-
b6d2
-
2cbfbbab9994.doc


2
/
3


7.


________ is a so
cial engineering trick where an intruder may follow an authorized user
through a door that the authorized user opens with an access device.

A) Shoulder surfing

B) Shadowing

C) Trailing

D) Piggybacking


8.

It is illegal to go through a company's trash bins

even if the trash bins are outside the
corporation.

a) TRUE

b) FALSE



Ch 5: Verification, Identification, Watch lists, Biometric security (p. 278
-
287)


9.

Identification is the process where the verifier determines whether the supplicant is a
particular

person that the supplicant claims who he or she is.

a) TRUE

b) FALSE


10.

Verification is the process where the verifier determines the identity of the supplicant.

a) TRUE

b) FALSE


11.

The verifier itself determines the identity of the supplicant in ___
_____.

A) verification

B) identification

C) Both A and B

D) Neither A nor B


12.


________ is a form of identification that identifies a person as being a member of a
group.

A) RBAC

B) Watch list matching

C) Group ID matching

D) Group acceptance

13
.

A user

types his or her user name and password. This is an example of _____.

a.

verification

or authentication

b.

identification


14
.

A user walks up to a door, has his or her fingerprint scanned, and is admitted through the
door. Assume nothing else. This is an

example of _____.

a.

verification

b.

identification


15.


When an attacker deliberately attempts to fool the system, this is called ________.

A) deception

C:
\
Program Files
\
neevia.com
\
docConverterPro
\
temp
\
NVDC
\
C8795120
-
D019
-
4D77
-
9359
-
12538E0542EA
\
wispsyndicate_612f78a7
-
55ec
-
4e41
-
b6d2
-
2cbfbbab9994.doc


3
/
3

B) a false acceptance

C) a false rejection

D) All of the above.


16.


Fingerprint scanning, which is

often deceived, may be acceptable for entry into a non
-
sensitive supplies cabinet.

a) TRUE

b) FALSE


17.

Which of the following statements accurately describes fingerprint recognition?

A) fingerprint recognition scanners are very expensive

B) fingerprint
recognition is easily deceived

C) fingerprint recognition is rarely used

D) All of the above


18.


Which of the following statements accurately describes iris recognition?

A) iris recognition has high FARs

B) iris recognition technology is expensive

C) iri
s recognition scans the eye with lasers

D) All of the above


19.


Iris recognition technology is ________ and ________.

A) expensive, has low FARs

B) expensive, has high FARs

C) inexpensive, has low FARs

D) inexpensive, has high FARs


20.

Hand geometry rec
ognition is used heavily for ________.

A) PC access

B) watch list access

C) door access

D) server access


21.

The most widely used form of biometrics is ________.

A) retinal scanning

B) iris scanning

C) fingerprint scanning

D) face recognition