GCC Class 2 Lesson 2 Quiz

What principle of internal security limits users or groups to only the objects and resources they require to perform their duties?
A. Authentication.
B. Separation of duties.
C. Principle of least privilege.
D. Access control.

The ACL statement "access-list 10 deny any" is an example of what type of access control policy?
A. Explicit deny.
B. Implicit deny.
C. Implicit permit.
D. Explicit permit.

What type of access control policy limits requesters to only the privileges and permissions associated with the performance of their
job function?
A. Role-based access control.
B. Mandatory access control.
C. Rules-based access control.
D. Discretionary access control.

What internal control principle is intended to prevent theft and misappropriation, and limits access to secured objects?
A. Separation of duties.
B. Mandatory access control.
C. Single sign-on
D. Two-signature authorization.

What international standard denes a security specification for operating systems and access control?
A. Common Criteria.
B. OTP
C. RFID.
D. OSI.