Assess your understanding of key concepts in security and user management, including roles, privileges, authentication, and access control policies within analytics platforms. This quiz provides practical scenarios for managing user accounts and safeguarding sensitive data.
Which authentication method requires users to provide something they have, such as a security token, along with a password to access their account?
Explanation: Two-factor authentication combines something the user knows (like a password) with something they have (like a security token), making it more secure. Single sign-off focuses on logging users out of multiple systems, not authenticating. Basic username login uses just credentials without extra verification. Role-level authorization is about permissions, not user identity verification.
When a user belongs to multiple groups with conflicting privileges, which privilege setting generally takes precedence?
Explanation: Typically, when privileges conflict, denial of access overrides any permission, which enhances security. Choosing the most permissive could allow unintended access. Alphabetical group order and which group was joined most recently are irrelevant factors in privilege resolution. This approach minimizes risk by defaulting to caution.
If a user enters an incorrect password too many times in a short period, what security mechanism is commonly triggered?
Explanation: Account lockout temporarily or permanently disables access after repeated failed login attempts to prevent unauthorized access or brute-force attacks. Data encryption secures stored data, not accounts. Privilege escalation is a security threat, not a defense. Data masking hides sensitive data in views but is unrelated to login attempts.
What is the main function of assigning roles to users within an analytics system?
Explanation: Roles determine the actions users can perform, controlling access to specific features and data. Profile pictures are part of user personalization, not security. Query processing speed is managed elsewhere. Organizing users by favorite report is an organizational preference, not a security feature.
A system administrator enforces that passwords must contain letters, numbers, and special characters. What is this requirement called?
Explanation: A password complexity policy ensures passwords meet certain criteria, enhancing security against guessing attacks. Data retention is about how long to keep data. User throttling manages request rates, and network segmentation concerns network architecture, not password rules.
Which security principle ensures users are granted only the minimum access necessary to perform their tasks?
Explanation: The least privilege principle limits user permissions to only what is needed, reducing security risks. Open access contradicts this principle by allowing broad permissions. Maximum exposure is the opposite of restricted access. Role inheritance refers to permission structures, not the minimal access principle.
What is the primary reason for maintaining audit logs of user activities in an analytics platform?
Explanation: Audit logs capture user actions to detect unauthorized activity and support compliance requirements. Report speed and dashboard themes are unrelated to audit trails. Guest registration is managed through access settings, not activity logging.
What is a key advantage of implementing single sign-on for user management?
Explanation: Single sign-on allows users to log in once and access several applications, improving convenience and reducing password fatigue. Immediate password expiration could frustrate users. Report layout customization is unrelated to authentication. Account auditing remains important independent of SSO.
What typically happens in an analytics platform when a user account is deactivated?
Explanation: Deactivating an account prevents the user from accessing the system, which secures data if the account is no longer needed. Providing increased privileges would be a security risk. Automatically deleting user-created reports is not a standard procedure. Publishing passwords is a severe security violation.
Which access control works by limiting user access to specific sets of data rows based on criteria, such as departmental assignment?
Explanation: Row-level security restricts data access at the granular row level, often by department or other criteria. File-level compression is about reducing file size, not data access. User enumeration refers to listing user accounts, and column mapping deals with aligning fields, not restricting access to data rows.