Go Back   TechExams.net IT Certification Forums > CompTIA > SECURITY+
Confusing Facts from Study Guides Sources

hiddenknight821 (08-29-2009, 09:17 PM, #1)

Hello, I am a new guy here. So, be nice. I just took my Security+ exam yesterday, and unfortunately, I failed with a score of 720. Needed 750 to pass. Plan to take it again within the next 7 days, and I am very confident that I will pass the next one.


I use CompTIA Security+ Deluxe Study Guide by Emmett Dulaney for my Security+ study. I started it in June and read from cover to cover, and I must say it was not easy reading a chapter in one sitting. Especially, when I have only minimal experience with 20% of what was on the objectives. Took me about a month and a half to finish it. I also bought another study guide from Que. Yes, the ExamCram 2nd edition. It greatly reinforced my understanding of what I read in the Sybex book and summarized pretty much what I learned. I highlighted critical facts only in this book, and I also practiced the review questions at the end of each chapter in both books.

Before taking the exam, I didn't have enough time to practice all bonus exams at the end of both books. Although, I did practice two bonus exams on the Sybex CDs. Today, I decided to review all practice exams that I haven't touched, and I came across this question in the second practice test in the Que book.

Question # 10
Which one of the following access control mechanisms prevents disclosure of information by assigning security levels to objects and subjects?
A. LDAP
B. MAC
C. DAC
D. RBAC

I hope you guys agree that it's B. I believe that's the correct answer, but the actual answer is C. So, I looked in both books to see what is right and wrong, but they failed to explain to me why my answer is incorrect. Can someone please elaborate on this if you have both of the study guides I use?

Thanks,



__________________
CURRENT PLANS:
CCENT: First retest (August 2010)
CCNA (ICND2): (pending...)
Studying/preparing for second level C++ course

FUTURE PLANS:
BS: Information Security and Forensics (expected May 2012)
LINUX+ (LX0-101 & LX0-102) (Winter 2010)



CURRENTLY READING:
Linux Administration: A Beginner's Guide Fifth Edition
Hacking Exposed 6: Network Security Secrets & Solutions

sidsanders (08-29-2009, 09:47 PM, #2)

i wouldn't worry too much about this. these books have errors in them at times. do you feel ok with dac/mac/rbac or has this left you wondering a bit?



__________________
GO TEAM VENTURE!!!!

hiddenknight821 (08-29-2009, 09:58 PM, #3)

Quote:
Originally Posted by sidsanders
i wouldn't worry too much about this. these books have errors in them at times. do you feel ok with dac/mac/rbac or has this left you wondering a bit?

Well, I would like to know if DAC is the correct answer or not, but you can elaborate on all three of them so I know I have the right concept. If DAC was actually wrong, I would lose points on the exam when I take it again next week.



sidsanders (08-30-2009, 02:20 AM, #4)

the key for me was: dac -- owner sets the access controls. mac -- centralization of setting access controls.

check:
Discretionary access control - Wikipedia, the free encyclopedia
Mandatory access control - Wikipedia, the free encyclopedia
Role-based access control - Wikipedia, the free encyclopedia

from my view, dac doesn't assign levels to subjects, while mac does.

"DAC provides a means of restricting access to objects based on the identity of the users or groups (subjects) that try to access those objects. Depending on a subject's access permissions, they may also be able to pass permissions to other subjects."

"Mandatory Access Control (MAC) is a security mechanism that restricts the level of control that users (subjects) have over the objects that they create. Unlike in a DAC implementation, where users have full control over their own files, directories, etc., MAC adds additional labels, or categories, to all file system objects. Users and processes must have the appropriate access to these categories before they can interact with these objects."

"Role-based Access Control (RBAC) is an alternative method of controlling user access to file system objects. Instead of access being controlled by user permissions, the system administrator establishes Roles based on business functional requirements or similar criteria. These Roles have different types and levels of access to objects."



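The distinction drawn in the post above, as an added example that is not part of the original thread: a toy Python model of a DAC, a MAC and an RBAC read decision on the same file. All users, file names, levels and roles are constructed for illustration, and the MAC rule is assumed to be a simple "no read up" comparison of clearance against label.

```python
from dataclasses import dataclass, field

# Constructed sensitivity levels, lowest to highest.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

@dataclass
class File:
    name: str
    owner: str
    label: str                                # MAC: label set by the system, not by the owner
    acl: dict = field(default_factory=dict)   # DAC: user -> rights, edited by the owner

def dac_grant(obj, actor, user, right):
    """DAC: only the owner may change the ACL, at the owner's discretion."""
    if actor != obj.owner:
        raise PermissionError(f"{actor} does not own {obj.name}")
    obj.acl.setdefault(user, set()).add(right)

def dac_can_read(obj, user):
    """DAC decision: identity of the subject against the owner-managed ACL."""
    return user == obj.owner or "read" in obj.acl.get(user, set())

def mac_can_read(obj, user, clearances):
    """MAC decision: subject clearance must be at or above the object label."""
    return LEVELS[clearances[user]] >= LEVELS[obj.label]

def rbac_can_read(obj, user, user_roles, role_perms):
    """RBAC decision: rights come only from administrator-defined roles."""
    return any((obj.name, "read") in role_perms.get(role, set())
               for role in user_roles.get(user, set()))

def demo():
    """Alice owns a 'secret' file and shares it with Bob, who is cleared 'confidential'."""
    payroll = File("payroll.xls", owner="alice", label="secret")
    clearances = {"alice": "secret", "bob": "confidential"}
    user_roles = {"alice": {"hr"}, "bob": {"helpdesk"}}
    role_perms = {"hr": {("payroll.xls", "read")}}
    dac_grant(payroll, "alice", "bob", "read")   # owner passes permission on
    return {
        "dac": dac_can_read(payroll, "bob"),                          # owner's grant is enough
        "mac": mac_can_read(payroll, "bob", clearances),              # label check ignores the grant
        "rbac": rbac_can_read(payroll, "bob", user_roles, role_perms) # helpdesk role has no such right
    }

if __name__ == "__main__":
    print(demo())
```

Only the MAC check compares a level on the subject with a level on the object; the owner's grant, which satisfies the DAC check, has no effect on it.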
dynamik (08-30-2009, 02:29 AM, #5)

As mentioned earlier, don't put too much weight on a practice exam question. I think that the question is worded so vaguely that it could be either. MAC would have been my first choice as well, but what's important is that you understand the differences between them. You will (hopefully) not encounter such a poorly phrased question on the actual exam.



__________________
''=~('(?{'.('[-@.^~'^'+_)@*^').'"'.('@.&@-@@<@~$@^~.@^_'^')@@/^)%[%^@/*^@%*}').',$/})')

inc0mplete (09-01-2009, 05:40 PM, #6)

I actually just finished reading the Access Control chapters in the Exam2cram book and watched the CBTnuggets video. I would agree that was a tricky question but I believe that the key term that was overlooked was the word "object".

Being fresh in my memory, the keywords to MAC are associated with "Label", "resource" and "system".

I think if they used the word "Label" in conjunction with the word Object, then the correct answer would be MAC.


Last edited by inc0mplete; 09-01-2009 at 05:43 PM.