Chapter 14 Controlling and Monitoring Access
Domain 3 & 5
Written Lab
-
Describe the primary difference between discretionary and nondiscretionary access control models.
The primary difference between discretionary and nondiscretionary access control models is in how they are controlled and managed. Administrators centrally administer nondiscretionary access controls. DAC models allow owners to make their own changes, and their changes don't affect other parts of the environment.
-
List at least three standards used to provide single sign-on (SSO) capabilities on the internet.
Security Assertion Markup Language (SAML), OAuth, OpenID, and OpenID Connect (OIDC).
-
Identify the PowerShell cmdlet that allows you to run PowerShell commands indirectly.
powershell.exe "& {Get-Content .\hello.ps1 | Invoke-Expression}"
-
Name a tool that is commonly used in pass-the-hash and Kerberos exploitation attacks for privilege escalation.
mimikatz, PsExec.