1 ) Which type of access control defines permissions based on roles , or groups , and allows object owners and administrators to grant access
2 ) What is meant by business drivers ?
3 ) The first step in the implementation of separation of duties is to use access controls to prevent unauthorized data access . The ultimate goal is to define access control where each user has the permissions to carry out assigned tasks and nothing else . This is known as the principle of :
4 ) ___________ are the components , including people , information , and conditions , that support business objectives .
5 ) ___________ is the process of providing additional credentials that match the user ID or username .
6 ) Which of the following is the definition of authorization ?
7 ) An organization wants to determine how well it adheres to its security policy and determine if any “ holes ” exist . What type of analysis or assessment does it perform ?
8 ) What is meant by availability ?
9 ) There are two common types of monitoring tools available for monitoring LANs , __________ and network software log files .
10 ) Which control is used in the LAN Domain to protect the confidentiality of data ?
11 ) Which of the following is not typically a LAN Domain
12 ) Which of the following is not a step to ensuring only authorized users can see confidential data in the LAN Domain ?
13 ) A nonintrusive penetration test ____________.