CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 5 ■ Identity and Access Management (Domain 5)



  1. What type of access control is typically used by firewalls?
    A. Discretionary access controls
    B. Rule-based access controls
    C. Task-based access control
    D. Mandatory access controls

  2. When you input a user ID and password, you are performing what important identity and
    access management activity?
    A. Authorization
    B. Validation
    C. Authentication
    D. Login

  3. Kathleen works for a data center hosting facility that provides physical data center space
    for individuals and organizations. Until recently, each client was given a
    magnetic-strip-based keycard to access the section of the facility where their servers are located, and
    they were also given a key to access the cage or rack where their servers reside. In the past
    month, a number of servers have been stolen, but the logs for the passcards show only
    valid IDs. What is Kathleen’s best option to make sure that the users of the passcards are
    who they are supposed to be?
    A. Add a reader that requires a PIN for passcard users.
    B. Add a camera system to the facility to observe who is accessing servers.
    C. Add a biometric factor.
    D. Replace the magnetic stripe keycards with smartcards.

  4. Which of the following is a ticket-based authentication protocol designed to provide secure
    communication?
    A. RADIUS
    B. OAuth
    C. SAML
    D. Kerberos

  5. What type of access control is composed of policies and procedures that support
    regulations, requirements, and the organization’s own policies?
    A. Corrective
    B. Logical
    C. Compensating
    D. Administrative
