A few questions if i may!

hello all,

I got this question from my testing software that i use to prepare for the secuirty+exam.

You are the network admin responsible for selecting the access control method that will be used for a new kiosk system to be used in a local musuems donors want to have full access to information at all times, but visitors should only have access to those items in current display. Which form of access control would be appropriate to this requirement. Choose the two best answers.
A. Role based access control (RBAC)
B. Discretionary access control (DAC)
C. Mandatory access control (MAC)
D. Rule based access control (RBAC)

Could you give me your response to this question please?

Also could you tell me the bit strength of SSL i believe it to be 40 or 128 bit, 128 bit being the mostly used today. Also port number i believe it to be 443 when used with Https is that the only port number for SSL or does it have its own port assignment?. As i cant find it.

Any help would be great

Thanks in advance

Regards

Eamonn

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

seuss_ssues

On the first question i would have to go with Role Based Access Controls and DAC.

I beleive SSL goes from 40 bit all the way to 256 bit with 128 being standard today.

SSL uses port 443.

The reason why it is often listed as https as using port 443 is that SSL was created by netscape as a means for encryption on the web. SSL was such a good system that it started being used for alot more than just http traffic.

So just remember that SSL uses port 443.
https is http encapsulated in SSL so it also uses 443

443 is the standard port, but it can be used on any port you choose.

seuss_ssues

PremierCisco

Hi seuss_sseues,

Thanks for the reply much appreciated.

I taught the same however according the the software it is role based amd MAC.

Thanks for clearing up the SSL question for me.

Regards

Eamonn

Megadeth4168

I don't have my security+ nor do I consider myself an expert on the subject.... But I would have chosen the same answers that the testing software said to be correct.

PremierCisco

Hi Megadeth4168,

Thanks for the reply much appriciated.

Regards

Eamonn

nachius

DAC is permissions given by the object owner - in this case this is not fitting as there is no defined object/owner.

It is Definitely RBAC as there are 2 defined rules donors and visitors.

The 2nd best choice would in fact be MAC as being determined by the OS not by the object owner.

On the second question port 443 is standard and for the test SSL is 40/128 bit.

Megadeth4168

nachius wrote:

DAC is permissions given by the object owner - in this case this is not fitting as there is no defined object/owner.

It is Definitely RBAC as there are 2 defined rules donors and visitors.

The 2nd best choice would in fact be MAC as being determined by the OS not by the object owner.

Yeah, that's along the lines I was thinking as well.

PremierCisco

Hi all,

Thanks for all the replies much appreciated.

Regards

Eamonn