Explore key concepts related to user accounts, group management, and authentication fundamentals. Assess your understanding of access control principles and best practices for managing users and groups securely.
Which statement best describes the relationship between users and groups in an operating system’s access control environment?
Explanation: Groups are designed to simplify permission management by grouping together user accounts with similar access needs. Users are individual accounts, not collections of groups, making the second option incorrect. Groups typically contain user accounts, not processes, so the third option is inaccurate. Users do not inherently have higher privileges than groups; privileges depend on assigned roles and memberships, making the last option misleading.
Which of the following is an example of two-factor authentication for logging into an account?
Explanation: Two-factor authentication involves verifying identity using two different types of factors, such as something you know (password) and something you are (fingerprint). Using two different passwords does not count as two factors, because both are the same kind of factor (something you know), so option two is incorrect. Automatic login and confirming a username do not add any authentication factors, making options three and four less secure.
Why is it considered a best practice to assign users only the minimum permissions necessary for their tasks?
Explanation: Assigning minimum necessary permissions helps contain any risks if a user account is exploited, reducing security threats. The number of permissions assigned does not influence system speed or the number of users, so option two is wrong. Minimum permissions do not cause groups to receive upgrades, nor do they stop users from joining new groups, making options three and four incorrect.
If a user is added to a new group with certain permissions, what effect does this typically have immediately?
Explanation: When a user is added to a group, they inherit the permissions granted to the group, which allows access to resources as set by that group. Adding a user to a group does not automatically trigger a password reset or remove them from other groups, making options two and three incorrect. There is usually no need to reapply for account approval due to group assignment, so the fourth option is incorrect.
Which approach is recommended for users to create strong and secure passwords for authentication?
Explanation: A password that combines letters, numbers, and symbols in a lengthy phrase is much harder to guess or crack, significantly improving security. Repeating a simple word or using a dictionary word are risky practices, as these are easily predicted or brute-forced; therefore, options two and three are unsafe. Writing passwords in publicly visible places, such as a sticky note, exposes them to anyone nearby, making option four an unsafe practice.