Which security mechanism is employed only on the server-side to limit access to resources or components?()A、 authorizationB、 data integrityC、 confidentialityD、 authentication

题目

Which security mechanism is employed only on the server-side to limit access to resources or components?()

  • A、 authorization
  • B、 data integrity
  • C、 confidentiality
  • D、 authentication
相似考题

1.Whichthe securitymechanismusestheconceptofarealm?()A.authorizationB.dataintegrityC.confidentialityD.authentication

2.Whichsecuritymechanismisemployedonlyontheserver-sidetolimitaccesstoresourcesorcomponents?()A.authorizationB.dataintegrityC.confidentialityD.authentication

3.An authentication realm consists of which three authentication resources?()A. Authentication serverB. Session optionsC. Authentication policyD. End-point security policyE. Role-mapping rules

4.Whichsecuritymechanismcanbedirectedthroughtheelementinawebdeploymentdescriptor()?A.authorizationB.dataintegrityC.confidentialityD.authentication

更多“Which security mechanism is employed only on the server-side to limit access to resources or components?()A、 authorizationB、 data integrityC、 confidentialityD、 authentication”相关问题

  • 第1题:

    Kerberos is a form of user authentication that:()

    A. Provides users access to network resources.

    B. Performs router commands after user authentication.

    C. Provides users with remote access only capabilities.

    D. Does not require an authentication server


    参考答案:A

  • 第2题:

    In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization (授权).
    An access control mechanism (71) between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls, routers, files, and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is (72) to access the system at all. Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to(73)access. An auditing function monitors and keeps a record of user accesses to system resources.
    In practice, a number of(74)may cooperatively share the access control function. All operating systems have at least a rudimentary(基本的), and in many cases a quite robust, access control component. Add-on security packages can add to the(75)access control capabilities of the OS. Particular applications or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services.

    A.components
    B.users
    C.mechanisms
    D.algorithms

    答案:B
    解析:
    在物理安全和信息安全领域,访问控制是对一个地方或其他资源的访问限制。访问的行为可能意味着消费、输入或使用。允许访问资源被称为授权。
    访问控制机制连接用户(代表用户执行的进程)和系统资源(如应用程序、操作系统、防火墙、路由器、文件和数据库)之间的连接。系统必须首先对用户进行身份验证。通常,身份验证功能决定用户是否被允许访问系统。然后,访问控制功能决定是否允许该用户指定的访问权限。安全管理员维护一个授权数据库,该数据库指定允许该用户访问哪些资源的类型。访问控制函数咨询此数据库以确定是否授予访问权。审计功能监视并保存用户访问系统资源的记录。
    在实践中,一些用户可以合作共享访问控制函数。所有操作系统都至少有一个基本的,而且在许多情况下是一个相当健壮的访问控制组件。附加安全包可以添加到操作系统的自动访问控制功能。特定的应用程序或实用程序,如数据库管理系统,也包括访问控制功能。外部设备,如防火墙,也可以提供访问控制服务。

  • 第3题:

    Which of the following is true about Outbound Malware Scanning?() 

    • A、 It has its own policy table.
    • B、 It is configured as part of Access Policies.
    • C、 It is configured as part ofIronPort data Security.
    • D、 It only has global configuration.

    正确答案:B

  • 第4题:

    Which two statements about the Wired Equivalent Privacy (WEP) encryption mechanism are true? ()

    • A、the two methods of authentication using the WEP encryption are open and shared key
    • B、the 802.11 standard defines WEP security using 128-bit keys
    • C、WEP can provide stronger authentication through the use of LEAP, PEAP, or EAP-FAST
    • D、WEP is a scalable encryption solution that uses static keys for authentication
    • E、WEP security provides only one-way authentication
    • F、WEPv2 offers improved encryption by replacing the RC4 encryption mechanism with the AES (symmetric block cipher) mechanism

    正确答案:A,E

  • 第5题:

    Which two commands can be used to monitor firewall user authentication?()

    • A、show access firewall-authentication
    • B、show security firewall-authentication users
    • C、show security audit log
    • D、show security firewall-authentication history

    正确答案:B,D

  • 第6题:

    An authentication realm consists of which three authentication resources?()

    • A、Authentication server
    • B、Session options
    • C、Authentication policy
    • D、End-point security policy
    • E、Role-mapping rules

    正确答案:A,C,E

  • 第7题:

    Kerberos is a form of user authentication that:()

    • A、Provides users access to network resources.
    • B、Performs router commands after user authentication.
    • C、Provides users with remote access only capabilities.
    • D、Does not require an authentication server

    正确答案:A

  • 第8题:

    Which security mechanism uses the concept of a realm?()

    • A、Authorization
    • B、Data integrity
    • C、Confidentiality
    • D、Authentication

    正确答案:D

  • 第9题:

    Under which configuration hierarchy is an access profile configured for firewall user authentication?()

    • A、[edit access]
    • B、[edit security access]
    • C、[edit firewall access]
    • D、[edit firewall-authentication]

    正确答案:A

  • 第10题:

    单选题
    Which security mechanism can be directed through the  element in a web deployment descriptor()?
    A

     authorization

    B

     data integrity

    C

     confidentiality

    D

     authentication


    正确答案: A
    解析: 暂无解析

  • 第11题:

    多选题
    An authentication realm consists of which three authentication resources?()
    A

    Authentication server

    B

    Session options

    C

    Authentication policy

    D

    End-point security policy

    E

    Role-mapping rules


    正确答案: B,D
    解析: 暂无解析

  • 第12题:

    单选题
    Which the security mechanism uses the concept of a realm?()
    A

     authorization

    B

     data integrity

    C

     confidentiality

    D

     authentication


    正确答案: A
    解析: 暂无解析

  • 第13题:

    In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization (授权).
    An access control mechanism (71) between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls, routers, files, and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is (72) to access the system at all. Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to(73)access. An auditing function monitors and keeps a record of user accesses to system resources.
    In practice, a number of(74)may cooperatively share the access control function. All operating systems have at least a rudimentary(基本的), and in many cases a quite robust, access control component. Add-on security packages can add to the(75)access control capabilities of the OS. Particular applications or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services.

    A.open
    B.monitor
    C.grant
    D.seek

    答案:C
    解析:
    在物理安全和信息安全领域,访问控制是对一个地方或其他资源的访问限制。访问的行为可能意味着消费、输入或使用。允许访问资源被称为授权。
    访问控制机制连接用户(代表用户执行的进程)和系统资源(如应用程序、操作系统、防火墙、路由器、文件和数据库)之间的连接。系统必须首先对用户进行身份验证。通常,身份验证功能决定用户是否被允许访问系统。然后,访问控制功能决定是否允许该用户指定的访问权限。安全管理员维护一个授权数据库,该数据库指定允许该用户访问哪些资源的类型。访问控制函数咨询此数据库以确定是否授予访问权。审计功能监视并保存用户访问系统资源的记录。
    在实践中,一些用户可以合作共享访问控制函数。所有操作系统都至少有一个基本的,而且在许多情况下是一个相当健壮的访问控制组件。附加安全包可以添加到操作系统的自动访问控制功能。特定的应用程序或实用程序,如数据库管理系统,也包括访问控制功能。外部设备,如防火墙,也可以提供访问控制服务。

  • 第14题:

    Network security consists of policies and practices to prevent and monitor( )access,misuse,modification, or denial of a computer network and network-accessible resources.Network security involves the authorization of access to data in a network,which is controlled by the network( ). Users choose or are assigned an ID and password or other authenticating information that allows them to access to information and programs within their authority.Network security secures the network,as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a(请作答此空)name and a corresponding password. Network security starts with authentication.Once authenticated a ( ) enforces policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer( )or Trojans being transmitted over the network

    A.complex
    B.unique
    C.catchy
    D.long

    答案:B
    解析:
    网络安全概念。

  • 第15题:

    Which two components should be part of a security implementation plan?()

    • A、detailed list of personnel assigned to each task within the plan
    • B、a Layer 2 spanning tree design topology
    • C、rollback guidelines
    • D、placing all unused access ports in VLAN 1 to proactively manage port security
    • E、enabling SNMP access to Cisco Discovery Protocol data for logging and forensic analysis

    正确答案:B,C

  • 第16题:

    Which two pieces of information are needed when declaring the web resource collection in the deployment descriptor?()

    • A、 the URL pattern that requires authorization
    • B、 the HTTP methods that require authorization
    • C、 the users allowed access to the web resource
    • D、 the J2EE roles allowed access to the web resource
    • E、 the authentication mechanism required by the web resource

    正确答案:A,B

  • 第17题:

    Which two security mechanisms protect the response stream?()

    • A、 authorization
    • B、 data integrity
    • C、 confidentiality
    • D、 authentication

    正确答案:B,C

  • 第18题:

    Which component of VPN technology ensures that data can be read only by its intended recipient?()

    • A、data integrity
    • B、encryption
    • C、key exchange
    • D、authentication

    正确答案:D

  • 第19题:

    Which security mechanism can be directed through the  element in a web deployment descriptor()?

    • A、 authorization
    • B、 data integrity
    • C、 confidentiality
    • D、 authentication

    正确答案:D

  • 第20题:

    Which two security mechanisms can be directed through a sub-element of the element in a web application deployment descriptor?()

    • A、Authorization
    • B、Data integrity
    • C、Confidentiality
    • D、Authentication

    正确答案:B,C

  • 第21题:

    Which three security concerns can be addressed by a tunnel mode IPsec VPN secured by ESP?()

    • A、data integrity
    • B、data confidentiality
    • C、data authentication
    • D、outer IP header confidentiality
    • E、outer IP header authentication

    正确答案:A,B,C

  • 第22题:

    单选题
    Which security mechanism is employed only on the server-side to limit access to resources or components?()
    A

     authorization

    B

     data integrity

    C

     confidentiality

    D

     authentication


    正确答案: A
    解析: 暂无解析

  • 第23题:

    单选题
    Under which configuration hierarchy is an access profile configured for firewall user authentication?()
    A

    [edit access]

    B

    [edit security access]

    C

    [edit firewall access]

    D

    [edit firewall-authentication]


    正确答案: A
    解析: 暂无解析

相关内容