Home Cybersecurity trainings for SMEs Access Control Management - Information Security Trainings for SMEs

Cybersecurity trainings for SMEs

0 %

Completed

Course content

Access Control Management - Information Security Trainings for SMEs

10 XP
Prev Next
Fullscreen Share
Rating
0 0

There are no comments for now.

Join this Course
to be the first to leave a comment.

1. What are the 6 elements of Access Control Management?
Identity management, Authentication management, Rights and privilege management, Access control, Event record, Monitoring, Analysis of logs. Identity management, Authentication management, Access control, Rights management, Monitoring, Privilege managemen Identity management, Authentication management, Access control, Rights management, Event record, Privilege management Identity management, Authentication management, Access control, Rights management, Analysis of logs, Privilege management
2. What is NOT the aim of identity management
Look for dormant accounts Allow revoking account of gone personnel Make sure everybody has a unique identifier Authorize access
3. What is a “double authentication”?
An authentication that requires two different devices An authentication that requires two authenticators = An authentication that requires to take a picture of your face An authentication that requires privacy information
4. Which of the followings is NOT an access rule
Verify the password sticks to the composition rules Make sure the password/pin code is changed a defines intervals Make sure the passwords on all accounts are identical Deny access after a predefined number of incorrect authentications
5. Which of the followings is correct about “Discretionary access control”?
Every user may forward the received information to other people The security rules do not need to be transferred with the forwarded information The list of recipients is kept by each person transferring information on a voluntary basis The owner/initial issuer of an information/document is not directly informed of the new recipients
6. Which of the followings are the rights granted under the “Need to know” principle
Read, Copy, Communicate, Delete Read, Store, Update Read, Move, Execute Read and use
7. What is the meaning of Least Privilege
The information is forwarded only if it is strictly needed for performing the duties The information is forwarded to people with low trust The information is accessible to people with low privileges The information is forwarded under the “Discretionary Access Control” rule.
8. Which roles are NOT associated with privileges
Auditor System administrator Untrusted users Experts involved with a specific control
9. Which of the followings are NOT events looked at by monitoring
Illicit accesses Incorrect use of rights and privileges Unsuspended dormant accounts Access outside the defined time frame
10. When does Analysis of logs NOT happen?
During system audit Continuously by automated tools After a specific activity At planned intervals