Page 1066 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

P. 1066

Review Questions

1. Which of the following best describes an implicit deny principle?

A. All actions that are not expressly denied are allowed.

B. All actions that are not expressly allowed are denied.

C. All actions must be expressly denied.

D. None of the above.

2. What is the intent of least privilege?

A. Enforce the most restrictive rights required by users to run

system processes.

B. Enforce the least restrictive rights required by users to run
system processes.

C. Enforce the most restrictive rights required by users to
complete assigned tasks.

D. Enforce the least restrictive rights required by users to complete
assigned tasks.

3. A table includes multiple objects and subjects and it identifies the
specific access each subject has to different objects. What is this

table?

A. Access control list

B. Access control matrix

C. Federation

D. Creeping privilege

4. Who, or what, grants permissions to users in a DAC model?

A. Administrators

B. Access control list

C. Assigned labels

1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071