Chapter 5 ■ Identity and Access Management (Domain 5)
- Which of the following is not part of a Kerberos authentication system?
A. KDC
B. TGT
C. AS
D. TS

- When an application or system allows a logged-in user to perform specific actions, it is an
example of what?
A. Roles
B. Group management
C. Logins
D. Authorization

- Alex has been employed by his company for more than a decade and has held a number
of positions in the company. During an audit, it is discovered that he has access to shared
folders and applications because of his former roles. What issue has Alex’s company
encountered?
A. Excessive provisioning
B. Unauthorized access
C. Privilege creep
D. Account review

- Which of the following is not a common threat to access control mechanisms?
A. Fake login pages
B. Phishing
C. Dictionary attacks
D. Man-in-the-middle attacks

- What term properly describes what occurs when two or more processes require access to
the same resource and must complete their tasks in the proper order for normal function?
A. Collisions
B. Race conditions
C. Determinism
D. Out-of-order execution

- What type of access control scheme is shown in the following table?

Highly Sensitive    Red       Blue      Green
Confidential        Purple    Orange    Yellow
Internal Use        Black     Gray      White
Public              Clear     Clear     Clear