Q.1 What is the primary purpose of Access Control in cybersecurity?
To monitor network traffic
To prevent unauthorized access to resources
To encrypt data in transit
To backup sensitive data
Explanation - Access Control is used to ensure that only authorized users can access specific resources or data, maintaining security and privacy.
Correct answer is: To prevent unauthorized access to resources
Q.2 Which of the following is NOT a type of access control?
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Public Key Access Control (PKAC)
Explanation - DAC, MAC, and RBAC are standard access control models. Public Key Access Control is not a recognized access control model.
Correct answer is: Public Key Access Control (PKAC)
Q.3 In Role-Based Access Control (RBAC), access permissions are assigned based on:
User roles
User age
User location
User password strength
Explanation - RBAC assigns permissions based on a user's role in an organization, simplifying management of access rights.
Correct answer is: User roles
Q.4 Which access control model uses labels to determine access rights?
Discretionary Access Control
Mandatory Access Control
Role-Based Access Control
Attribute-Based Access Control
Explanation - MAC uses security labels (e.g., confidential, secret, top secret) to enforce access policies regardless of user discretion.
Correct answer is: Mandatory Access Control
Q.5 Which factor is NOT part of multi-factor authentication (MFA)?
Something you know
Something you have
Something you are
Something you share publicly
Explanation - MFA combines factors from different categories: knowledge (password), possession (token), and inherence (biometrics). Something you share publicly is not an authentication factor.
Correct answer is: Something you share publicly
Q.6 Which identity management function helps in verifying a user’s credentials?
Authentication
Authorization
Auditing
Provisioning
Explanation - Authentication is the process of verifying that a user is who they claim to be, usually via credentials like passwords or biometrics.
Correct answer is: Authentication
Q.7 Single Sign-On (SSO) primarily helps to:
Allow multiple passwords for one account
Reduce the number of login prompts for users
Prevent unauthorized access entirely
Encrypt data in storage
Explanation - SSO allows users to authenticate once and gain access to multiple systems without repeated logins, improving usability.
Correct answer is: Reduce the number of login prompts for users
Q.8 Which of the following is a common authentication method?
Password-based
MAC address filtering
Firewall rules
Intrusion detection
Explanation - Password-based authentication is the most common method for verifying user identity in access control systems.
Correct answer is: Password-based
Q.9 Attribute-Based Access Control (ABAC) grants access based on:
User identity only
Predefined roles only
Attributes like location, time, and department
Password complexity
Explanation - ABAC evaluates various attributes of the user and environment to dynamically determine access permissions.
Correct answer is: Attributes like location, time, and department
Q.10 Which identity management component deals with creating, updating, and deleting user accounts?
Provisioning
Authentication
Authorization
Encryption
Explanation - Provisioning handles the lifecycle of user accounts, ensuring proper access is granted and revoked as needed.
Correct answer is: Provisioning
Q.11 What is the purpose of an Access Control List (ACL)?
To list all system vulnerabilities
To define which users or groups can access an object
To store encryption keys
To monitor network traffic
Explanation - ACLs specify permissions attached to objects, controlling which users or groups can perform actions on them.
Correct answer is: To define which users or groups can access an object
Q.12 Which authentication protocol is commonly used in enterprise environments for centralized login?
Kerberos
SSL
FTP
SMTP
Explanation - Kerberos is a network authentication protocol that uses tickets for secure, centralized authentication in enterprise networks.
Correct answer is: Kerberos
Q.13 Separation of duties in access control helps to:
Improve network speed
Reduce the risk of fraud or error
Enhance password complexity
Simplify backup processes
Explanation - Separation of duties ensures that no single individual has full control over critical tasks, preventing misuse or mistakes.
Correct answer is: Reduce the risk of fraud or error
Q.14 Which of these is an example of physical access control?
Biometric fingerprint scanner
VPN login
Firewall rule
Two-factor authentication app
Explanation - Physical access control restricts entry to physical locations or devices, for example with biometric scanners or keycards.
Correct answer is: Biometric fingerprint scanner
Q.15 Which access control model is best suited for highly secure environments like government systems?
Mandatory Access Control
Discretionary Access Control
Role-Based Access Control
Open Access Control
Explanation - MAC enforces strict access policies based on security labels, making it suitable for sensitive government or military systems.
Correct answer is: Mandatory Access Control
Q.16 What is the main function of Single Sign-On (SSO) combined with MFA?
Improve usability while enhancing security
Eliminate all passwords
Grant unlimited access
Replace encryption protocols
Explanation - SSO simplifies login, and combining it with MFA ensures that the authentication process remains secure.
Correct answer is: Improve usability while enhancing security
Q.17 Which of the following is a risk if identity management is poorly implemented?
Unauthorized access to sensitive data
Improved network performance
Faster authentication
Reduced login attempts
Explanation - Improper identity management can allow attackers or unauthorized users to gain access to critical resources.
Correct answer is: Unauthorized access to sensitive data
Q.18 What does the principle of least privilege state?
Users should have full access to all resources
Users should have no access
Users should only have access necessary to perform their duties
All users should share the same access
Explanation - The least privilege principle limits access to the minimum required, reducing potential security risks.
Correct answer is: Users should only have access necessary to perform their duties
Q.19 Which method can enhance identity management in cloud environments?
Federated identity
Using a single password for all apps
Disabling authentication
Sharing credentials over email
Explanation - Federated identity allows users to access multiple systems across organizations using a single identity, improving management and security.
Correct answer is: Federated identity
Q.20 What is the difference between authentication and authorization?
Authentication verifies identity; authorization grants access
Authorization verifies identity; authentication grants access
Both are the same
Authentication encrypts data; authorization decrypts it
Explanation - Authentication confirms who a user is, while authorization determines what resources the user can access.
Correct answer is: Authentication verifies identity; authorization grants access
Q.21 Which of the following is considered a strong form of authentication?
Password only
Password + OTP
Username only
Public Wi-Fi login
Explanation - Using multi-factor authentication like password + OTP increases security compared to using a password alone.
Correct answer is: Password + OTP
Q.22 Which of these is NOT a benefit of using RBAC?
Simplifies permission management
Reduces administrative errors
Automatically detects malware
Ensures consistent access policies
Explanation - RBAC is for managing user permissions and roles; it does not detect malware.
Correct answer is: Automatically detects malware
Q.23 Which of the following is an example of logical access control?
Username and password login
Biometric door scanner
Security guard at entry
Locked server cabinet
Explanation - Logical access control restricts access to digital resources, like software systems, via credentials or authentication mechanisms.
Correct answer is: Username and password login
Q.24 In identity management, auditing is primarily used to:
Track user activity and access for security purposes
Encrypt passwords
Assign user roles automatically
Reset user credentials
Explanation - Auditing monitors and logs user actions, which helps in detecting unauthorized activity and ensuring compliance.
Correct answer is: Track user activity and access for security purposes
