Data Access Control and Authorization Mechanisms

Description: Data Access Control and Authorization Mechanisms Quiz
Number of Questions: 15
Tags: data access control authorization mechanisms security

Which of the following is NOT a common data access control model?

  1. Discretionary Access Control (DAC)

  2. Mandatory Access Control (MAC)

  3. Role-Based Access Control (RBAC)

  4. Attribute-Based Access Control (ABAC)


Correct Option:
Explanation:

Mandatory Access Control (MAC) is not a common data access control model. DAC, RBAC, and ABAC are more commonly used.

In DAC, who is responsible for granting and revoking access permissions?

  1. The data owner

  2. The system administrator

  3. The user

  4. All of the above


Correct Option: A
Explanation:

In DAC, the data owner is responsible for granting and revoking access permissions.

Which of the following is NOT a common RBAC role?

  1. Administrator

  2. Manager

  3. User

  4. Guest


Correct Option: D
Explanation:

Guest is not a common RBAC role. Administrator, Manager, and User are more commonly used.

In ABAC, access permissions are granted based on:

  1. The user's role

  2. The user's attributes

  3. The resource's attributes

  4. All of the above


Correct Option: D
Explanation:

In ABAC, access permissions are granted based on the user's role, the user's attributes, and the resource's attributes.

Which of the following is NOT a common authorization mechanism?

  1. Access Control Lists (ACLs)

  2. Capabilities

  3. Tokens

  4. Biometrics


Correct Option: D
Explanation:

Biometrics is not a common authorization mechanism. ACLs, Capabilities, and Tokens are more commonly used.

ACLs are typically stored:

  1. In the file system

  2. In the database

  3. In the application

  4. All of the above


Correct Option: D
Explanation:

ACLs can be stored in the file system, in the database, or in the application.

Capabilities are typically implemented using:

  1. Cryptographic keys

  2. Tokens

  3. Certificates

  4. All of the above


Correct Option: A
Explanation:

Capabilities are typically implemented using cryptographic keys.

Tokens are typically used to:

  1. Authenticate users

  2. Authorize users

  3. Both of the above

  4. None of the above


Correct Option: C
Explanation:

Tokens are typically used to both authenticate and authorize users.

Biometrics are typically used for:

  1. Authentication

  2. Authorization

  3. Both of the above

  4. None of the above


Correct Option: A
Explanation:

Biometrics are typically used for authentication, not authorization.

Which of the following is NOT a common data access control best practice?

  1. Use the principle of least privilege

  2. Implement role-based access control

  3. Use strong passwords

  4. Allow users to share their passwords


Correct Option: D
Explanation:

Allowing users to share their passwords is not a common data access control best practice.

Which of the following is NOT a common authorization mechanism best practice?

  1. Use strong authentication mechanisms

  2. Use role-based access control

  3. Use tokens with short expiration times

  4. Allow users to bypass authorization checks


Correct Option: D
Explanation:

Allowing users to bypass authorization checks is not a common authorization mechanism best practice.

Which of the following is NOT a common data access control tool?

  1. Access Control Lists (ACLs)

  2. Role-Based Access Control (RBAC)

  3. Attribute-Based Access Control (ABAC)

  4. Firewalls


Correct Option: D
Explanation:

Firewalls are not a common data access control tool. ACLs, RBAC, and ABAC are more commonly used.

Which of the following is NOT a common authorization mechanism tool?

  1. Tokens

  2. Certificates

  3. Biometrics

  4. Intrusion Detection Systems (IDSs)


Correct Option: D
Explanation:

Intrusion Detection Systems (IDSs) are not a common authorization mechanism tool. Tokens, Certificates, and Biometrics are more commonly used.

Which of the following is NOT a common data access control standard?

  1. ISO 27001

  2. ISO 27002

  3. NIST SP 800-53

  4. PCI DSS


Correct Option: D
Explanation:

PCI DSS is not a common data access control standard. ISO 27001, ISO 27002, and NIST SP 800-53 are more commonly used.

Which of the following is NOT a common authorization mechanism standard?

  1. ISO 27001

  2. ISO 27002

  3. NIST SP 800-53

  4. XACML


Correct Option: D
Explanation:

XACML is not a common authorization mechanism standard. ISO 27001, ISO 27002, and NIST SP 800-53 are more commonly used.
