CIS 349 RANK Learn Do Live /cis349rank.com CIS 349 RANK Learn Do Live /cis349rank.com | Page 4

1) Which type of access control defines permissions based on roles, or
groups, and allows object owners and administrators to grant access
rights at their discretion?
2) What is meant by business drivers?
3) The first step in the implementation of separation of duties is to use
access controls to prevent unauthorized data access. The ultimate goal
is to define access control where each user has the permissions to
carry out assigned tasks and nothing else. This is known as the
principle of:
4) ___________ are the components, including people, information,
and conditions, that support business objectives.
5) ___________ is the process of providing additional credentials that
match the user ID or username.
6) Which of the following is the definition of authorization?
7) An organization wants to determine how well it adheres to its
security policy and determine if any “holes” exist. What type of
analysis or assessment does it perform?
8) What is meant by availability?
9)
There are two common types of monitoring tools available for
monitoring LANs, __________ and network software log files.
10) Which control is used in the LAN Domain to protect the
confidentiality of data?
11) Which of the following is not typically a LAN Domain
component?