In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization (授权).An access control mechanism (71) between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls, routers, files, and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is (72) to access the system at all. Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to(73)access. An auditing function monitors and keeps a record of user accesses to system resources.In practice, a number of(74)may cooperatively share the access control function. All operating systems have at least a rudimentary(基本的), and in many cases a quite robust, access control component. Add-on security packages can add to the(75)access control capabilities of the OS. Particular applications or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services.A.cooperatesB.coordinates C.connects D.mediates
In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization (授权).
An access control mechanism (71) between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls, routers, files, and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is (72) to access the system at all. Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to(73)access. An auditing function monitors and keeps a record of user accesses to system resources.
In practice, a number of(74)may cooperatively share the access control function. All operating systems have at least a rudimentary(基本的), and in many cases a quite robust, access control component. Add-on security packages can add to the(75)access control capabilities of the OS. Particular applications or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services.
An access control mechanism (71) between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls, routers, files, and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is (72) to access the system at all. Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to(73)access. An auditing function monitors and keeps a record of user accesses to system resources.
In practice, a number of(74)may cooperatively share the access control function. All operating systems have at least a rudimentary(基本的), and in many cases a quite robust, access control component. Add-on security packages can add to the(75)access control capabilities of the OS. Particular applications or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services.
A.cooperates
B.coordinates
C.connects
D.mediates
B.coordinates
C.connects
D.mediates
参考解析
解析:在物理安全和信息安全领域,访问控制是对一个地方或其他资源的访问限制。访问的行为可能意味着消费、输入或使用。允许访问资源被称为授权。
访问控制机制连接用户(代表用户执行的进程)和系统资源(如应用程序、操作系统、防火墙、路由器、文件和数据库)之间的连接。系统必须首先对用户进行身份验证。通常,身份验证功能决定用户是否被允许访问系统。然后,访问控制功能决定是否允许该用户指定的访问权限。安全管理员维护一个授权数据库,该数据库指定允许该用户访问哪些资源的类型。访问控制函数咨询此数据库以确定是否授予访问权。审计功能监视并保存用户访问系统资源的记录。
在实践中,一些用户可以合作共享访问控制函数。所有操作系统都至少有一个基本的,而且在许多情况下是一个相当健壮的访问控制组件。附加安全包可以添加到操作系统的自动访问控制功能。特定的应用程序或实用程序,如数据库管理系统,也包括访问控制功能。外部设备,如防火墙,也可以提供访问控制服务。
访问控制机制连接用户(代表用户执行的进程)和系统资源(如应用程序、操作系统、防火墙、路由器、文件和数据库)之间的连接。系统必须首先对用户进行身份验证。通常,身份验证功能决定用户是否被允许访问系统。然后,访问控制功能决定是否允许该用户指定的访问权限。安全管理员维护一个授权数据库,该数据库指定允许该用户访问哪些资源的类型。访问控制函数咨询此数据库以确定是否授予访问权。审计功能监视并保存用户访问系统资源的记录。
在实践中,一些用户可以合作共享访问控制函数。所有操作系统都至少有一个基本的,而且在许多情况下是一个相当健壮的访问控制组件。附加安全包可以添加到操作系统的自动访问控制功能。特定的应用程序或实用程序,如数据库管理系统,也包括访问控制功能。外部设备,如防火墙,也可以提供访问控制服务。
相关考题:
NAC's(Network Access Control)role is to restrict network access to only compliant endpoints and(66)users. However, NAC is not a complete LAN(67)solution; additional proactive and(68)security measures must be implemented. Nevis is the first and only comprehensive LAN security solution that combines deep security processing of every packet at 10Gbps, ensuring a high level of security plus application availability and performance. Nevis integrates NAC as the first line of LAN security(69). In addition to NAC, enterprises need to implement role-based network access control as well as critical proactive security measures — real-time, multilevel(70)inspection and microsecond threat containment.A.automatedB.distinguishedC.authenticatedD.destructed
What information does the Junos Pulse Access Control Service provide to Security Threat Response Manager (STRM)?() A. Session lengthB. User browser informationC. Session IP addressD. User identity information
In the fields of physical security and information security,access control is the selective restriction of access to a place or other resource.The act of accessing may mean consuming,entering,or using.Permission to access a resource is called authorization(授权).An access control mechanism(71)between a user(or a process executing on behalf of a user)and system resources,such as applications,operating systems,firewalls,routers,files,and databases.The system must first authenticate(验证)a user seeking access.Typically the authentication function determines whether the user is(72)to access the system at all.Then the access control function determines if the specific requested access by this user is permitted.A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user.The access control function consults this database to determine whether to(73)access.An auditing function monitors and keeps a record of user accesses to system resources.In practice,a number of(74)may cooperatively share the access control function.All operating systems have at least a rudimentary(基本的),and in many cases a quite robust,access control component.Add-on security packages can add to the(75)access control capabilities of the OS.Particular applications or utilities,such as a database management system,also incorporate access control functions.External devices,such as firewalls,can also provide access control services.A.cooperatesB.coordinatesC.connectsD.mediates
In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming,entering, or using. Permission to access a resource is called authorization(授权).An access control mechanism( )between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls; routers, files,and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is ( ) to access the system at all.Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to( ) access. An auditing function monitors and keeps a record of user accesses to system resources.In practice, a number of(请作答此空)may cooperatively share the access control function. All Operating systems have at least a rudimentary(基本的).and in many cases a quite robust, access control component. Add-on security packages can add to the ( )access control capabilities of the OS. Particular applications .or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services .A.componentsB.usersC.mechanismsD.algorithms
NAC's (Network Access Control) role is to restrict network access to only compliant endpoints and (请作答此空)users. However, NAC is not a complete LAN( )solution; additional proactive and ( )security measures must be implemented, Nevis is the first and only comprehensive LAN security solution that combines deep security processing of every packet at 10Gbps, ensuring a high level of security plus application availability and performance. Nevis integrates NAC as the first line of LAN security( ). In addition to NAC, enterprises need to implement role-based network access control as well as critical proactive security measures—real-time, multilevel( )inspection and microsecond threat containment.A.automated]B.distinguished]C.authenticated]D.destructed]
Network security consists of policies and practices to prevent and monitor( )access,misuse,modification, or denial of a computer network and network-accessible resources.Network security involves the authorization of access to data in a network,which is controlled by the network( ). Users choose or are assigned an ID and password or other authenticating information that allows them to access to information and programs within their authority.Network security secures the network,as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a(请作答此空)name and a corresponding password. Network security starts with authentication.Once authenticated a ( ) enforces policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer( )or Trojans being transmitted over the networkA.complexB.uniqueC.catchyD.long
What are two reasons that a network administrator would use access lists (Choose two.)()。A、to control vty access into a routerB、to control broadcast traffic through a routerC、to filter traffic as it passes through a routerD、to filter traffic that originates from the routerE、to replace passwords as a line of defense against security incursions
LDAP is being utilized throughout the Company Wireless network. Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address? ()A、 Reduction of processing in wireless controllersB、 Distributed approach to authentication, encryption, and policy enforcementC、 Access point discovery, information exchange, and configurationD、 Provides security by blocking communication between access points and wireless clientsE、 None of the other alternatives apply.
Which two statements apply to dynamic access lists?()A、they offer simpler management in large internetworks.B、you can control logging messages.C、they allow packets to be filtered based on upper-layer session information.D、you can set a time-based security policy.E、they provide a level of security against spoofing.F、they are used to authenticate individual users
What are two benefits of integrating Junos Pulse Access Control Service with Security Threat Response Manager (STRM)?()A、The ability to detect and prevent malicious traffic.B、The ability to associate security breaches with a specific user.C、Converged management of network and security events, network flow data, and identity information.D、Consistent device management across administrative realms.
Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address?()A、 reduction of processing in wireless controllersB、 distributed approach to authentication, encryption, and policy enforcementC、 provides security by blocking communication between access points and wireless clientsD、 access point discovery, information exchange, and configuration
The LWAPP (Lightweight Access Point Protocol) is in use within the Company wireless LAN. Which statement is true about this protocol?()A、 Real-time frame exchange is accomplished within the access point.B、 The control traffic between the client and the access point is encapsulated with the LWAPP. C、 Authentication, security, and mobility are handled by the access point.D、 Data traffic between the client and the access point is encapsulated with LWAPP.E、 None of the other alternatives apply
What is the goal of the borderless network architecture?()A、to provide users with A single device that permits access to information anywhereB、to provide users with the same productivity and access to information no matter where are or which device they useC、to eliminate the need for border security and firewallsD、to provide companies with A way to extend their security and control over employees on the internet
What is the goal of the borderless network architecture?()A、to provide users withA single device that permits access to information anywhereB、to provide users with the same productivity and access to information no matter where are or which device they useC、to eliminate the need for border security and firewallsD、to provide companies withA way to extend their security and control over employees on the internet
When determining a customer’s security requirements using the security site survey from the steps for success methodology, which three of theses should be included in the customer’s security policy and procedures?()A、Third-party due diligence policy reviewB、Remote Access PolicyC、Encryption PolicyD、Application change control policyE、Security Personnel policy
A technician works in a datacenter that is shared by multiple companies. The technician isconcerned with preventing the theft of proprietary information by other technicians with access to the datacenter. Which of the following is the BEST way to prevent data theft in this scenario?()A、MantrapsB、Two-factor authenticationC、Security personnelD、Locked rack doors
The root id is set so that direct login is disabled. Information must be reviewed relating to when root access was obtained. In which of the following files is this information located?()A、 /var/adm/sulog B、 /var/adm/wtmp C、 /etc/security/user D、 /etc/security/failedlogin
You are the administrator of your company’s network. Ten Windows 2000 Professional computers are located in the Research department. The computers contain highly confidential information. You want the 10 computers to be able to communicate with other Windows 2000 Professional computers on the network. However, you do not want them to communicate with computers that are not running Windows 2000, including those that are running Windows 95, Windows 98 and Windows NT. You want to configure a security policy on each computer to ensure that the confidential information is secure. What should you do?()A、Use Security Configuration and Analysis to import the Hisecws.inf security template file to modify the default security settings.B、Use security templates to create a security template file and import the security settings to modify the default security settings.C、Use the local computer policy to disable the access to this computer from the network option.D、Use Secedit.exe to reconfigure the computers’ default security settings to not allow anonymous access to the computers.
单选题What is the goal of the borderless network architecture?()Ato provide users withA single device that permits access to information anywhereBto provide users with the same productivity and access to information no matter where are or which device they useCto eliminate the need for border security and firewallsDto provide companies withA way to extend their security and control over employees on the internet
多选题You want to create a security policy on an SRX240 that redirects unauthenticated users back to the Junos Pulse Access Control Service.Which two steps must you take to accomplish this task?()AConfigure a captive-portal service that redirects all traffic back to the Junos Pulse Access Control Service.BConfigure a security policy that references the unified-access-control captive-portal service.CConfigure a captive-portal service that redirects unauthenticated traffic back to the Junos Pulse Access Control Service.DConfigure a security policy that references the unified-access-control intranet-controller service.
单选题LDAP is being utilized throughout the Company Wireless network. Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address? ()A Reduction of processing in wireless controllersB Distributed approach to authentication, encryption, and policy enforcementC Access point discovery, information exchange, and configurationD Provides security by blocking communication between access points and wireless clientsE None of the other alternatives apply.
单选题The LWAPP (Lightweight Access Point Protocol) is in use within the Company wireless LAN. Which statement is true about this protocol?()A Real-time frame exchange is accomplished within the access point.B The control traffic between the client and the access point is encapsulated with the LWAPP. C Authentication, security, and mobility are handled by the access point.D Data traffic between the client and the access point is encapsulated with LWAPP.E None of the other alternatives apply
单选题Your security policy requires that users authenticating to the Junos Pulse Access Control Service are connecting from a domain member endpoint on the internal corporate network.Which set of role access restrictions must you configure to enforce this security policy?()ASource IP and browserBSource IP and certificateCCertificate and Host CheckerDHost Checker and source IP
多选题What information does the Junos Pulse Access Control Service provide to Security Threat Response Manager (STRM)?()ASession lengthBUser browser informationCSession IP addressDUser identity information
单选题The root id is set so that direct login is disabled. Information must be reviewed relating to when root access was obtained. In which of the following files is this information located?()A /var/adm/sulog B /var/adm/wtmp C /etc/security/user D /etc/security/failedlogin
单选题Which Cisco product family can simultaneously implement firewall, VPN, content security, network access control, virtualization, anD content filtering?()Acatalyst switchesBadaptive security appliancesCintrusion prevention systemsDprotect link gateway
多选题What are two benefits of integrating Junos Pulse Access Control Service with Security Threat Response Manager (STRM)?()AThe ability to detect and prevent malicious traffic.BThe ability to associate security breaches with a specific user.CConverged management of network and security events, network flow data, and identity information.DConsistent device management across administrative realms.
单选题What is the goal of the borderless network architecture?()Ato provide users with A single device that permits access to information anywhereBto provide users with the same productivity and access to information no matter where are or which device they useCto eliminate the need for border security and firewallsDto provide companies with A way to extend their security and control over employees on the internet