CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 5 ■ Identity and Access Management (Domain 5) 109



  1. Jim has worked in human relations, payroll, and customer service roles in his company
    over the past few years. What type of process should his company perform to ensure that
    he has appropriate rights?
    A. Re-provisioning
    B. Account review
    C. Privilege creep
    D. Account revocation

  2. Biba is what type of access control model?
    A. MAC
    B. DAC
    C. RBAC
    D. ABAC

  3. Which of the following is a client/server protocol designed to allow network access servers
    to authenticate remote users by sending access request messages to a central server?
    A. Kerberos
    B. EAP
    C. RADIUS
    D. OAuth

  4. What type of access control is being used in the following permission listing:

    Storage Device X
    User1: Can read, write, list
    User2: Can read, list
    User3: Can read, write, list, delete
    User4: Can list

    A. Resource-based access controls
    B. Role-based access controls
    C. Mandatory access controls
    D. Rule-based access controls

  5. Angela uses a sniffer to monitor traffic from a RADIUS server configured with default
    settings. What protocol should she monitor, and what traffic will she be able to read?
    A. UDP, none. All RADIUS traffic is encrypted.
    B. TCP, all traffic but the passwords, which are encrypted.
    C. UDP, all traffic but the passwords, which are encrypted.
    D. TCP, none. All RADIUS traffic is encrypted.
