首页
登录
从业资格
In the fields of physical security and i
In the fields of physical security and i
考试题库
2022-08-02
69
问题
In the fields of physical security and information security,access control is the selective restriction of access to a place or other resource.The act of accessing may mean consuming,entering,or using.Permission to access a resource is called authorization(授权).An access control mechanism(1)between a user(or a process executing on behalf of a user)and system resources,such as applications,operating systems,firewalls,routers,files,and databases.The system must first authenticate(验证)a user seeking access.Typically the authentication function determines whether the user is(2)to access the system at all.Then the access control function determines if the specific requested access by this user is permitted.A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user.The access control function consults this database to determine whether to(3)access.An auditing function monitors and keeps a record of user accesses to system resources.In practice,a number of(4)may cooperatively share the access control function.All operating systems have at least a rudimentary(基本的),and in many cases a quite robust,access control component.Add-on security packages can add to the(5)access control capabilities of the OS.Particular applications or utilities,such as a database management system,also incorporate access control functions.External devices,such as firewalls,can also provide access control services.问题1选项A.cooperatesB.coordinatesC.connectsD.mediates问题2选项A.deniedB.permittedC.prohibitedD.rejected问题3选项A.openB.monitorC.grantD.seek问题4选项A.componentsB.usersC.mechanismsD.algorithms问题5选项A.remoteB.nativeC.controlledD.automated
选项
答案
DBCAB
解析
在物理安全和信息安全领域,访问控制是选择性地限制访问某个地方或其他资源。访问行为可能意味着消耗,进入或使用。授权访问资源称为授权。
访问控制机制介于用户(或代表用户执行的进程)和系统资源之间。资源如应用程序、操作系统、防火墙、路由器、文件和数据库。系统必须先验证(验证)寻求访问权限的用户。通常,认证功能确定用户是否能被允许访问该系统。然后,访问控制功能确定该用户的特定请求的访问是否被允许。一个安全管理员维护一个授权数据库,该数据库指定该用户允许哪些资源的访问类型。访问控制功能查询此数据库以确定是否授权访问。审计功能监控和保存用户对系统资源的访问记录。
实际上,很多组件可以协同共享访问控制功能。所有的操作系统至少有一个基本的,在许多情况下是一个非常强大的访问控制组件。附加安全软件包可以添加到操作系统的本地安全控制功能。特定的应用程序或实用程序,如数据库管理系统,还包括访问控制功能。外部设备(如防火墙)也可以提供访问控制服务。
转载请注明原文地址:https://tihaiku.com/congyezige/2410337.html
本试题收录于:
中级 软件设计师题库软件水平考试初中高级分类
中级 软件设计师
软件水平考试初中高级
相关试题推荐
Theinformationsecuritymanagementsyst
Inthefieldsofphysicalsecurityandi
Inthefieldsofphysicalsecurityandi
Networksecurityistheprotectionofth
Networksecurityistheprotectionofth
Networksecurityistheprotectionofth
Networksecurityistheprotectionofth
Networksecurityconsistsofpoliciesan
Networksecurityconsistsofpoliciesan
Networksecurityconsistsofpoliciesan
随机试题
Themostnoticeabletrendamongtoday’smediacompaniesisverticalintegrat
ShouldBasicLivingSkillsBecomeCompulsoryatSchool?1.一些人认为基本生活技能也应该成为中国学生的必
对
双层窗的玻璃常采用不同厚度组合,其主要原因在于( )。A.节能要求 B.隔声
水痘患儿不宜使用A.对乙酰氨基酚(扑热息痛) B.阿昔洛韦 C.维生素C
下列哪项不属疏凿饮子的组成A.猪苓、滑石 B.大腹皮、槟榔 C.木通、泽泻、
关于干粉灭火系统的说法,正确的是()A.管道分支不应使用四通管件心 B.干
张某不遵守小区物业安全管理规定,且不听从劝阻,将电动自行车停放在楼道内充电,某天
甲状腺功能减退症最常见的病因是 A.甲状腺大部切除B.131I治疗C.桥
省力杠杆∶费力杠杆∶天平A.短期资产∶长期资产∶固定资产 B.货币基金∶债券基
最新回复
(
0
)