Describe a secure login procedure typical for BCC workstations.

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the BMO Block 3 Battle Control Center (BCC) Test. Tackle questions with explanations and get ready for your exam with tailored quizzes and exam formats. Enhance your skills and confidence!

Multiple Choice

Describe a secure login procedure typical for BCC workstations.

Explanation:
Defense-in-depth for workstation access emphasizes strong verification, controlled privileges, time-bound access, and traceability. Multi-factor authentication adds at least two forms of verification, so even if a password is compromised, an attacker still needs a second factor to gain access. Role-based access enforces least privilege, ensuring users can only reach the systems and data necessary for their role. Session timeouts help prevent unauthorized use after a user leaves a workstation, and audit logging records who signs in, when, from where, and what actions are taken, providing visibility for monitoring and investigations. The other options miss essential controls. A single-factor password with no audit logging leaves credentials vulnerable and provides no record of who did what. Public guest access with no authentication is inherently insecure and unsuitable for a controlled environment. Requiring external USB tokens for every login, with no restrictions, would still raise concerns about token management, loss, and lack of integrated access control and auditing.

Defense-in-depth for workstation access emphasizes strong verification, controlled privileges, time-bound access, and traceability. Multi-factor authentication adds at least two forms of verification, so even if a password is compromised, an attacker still needs a second factor to gain access. Role-based access enforces least privilege, ensuring users can only reach the systems and data necessary for their role. Session timeouts help prevent unauthorized use after a user leaves a workstation, and audit logging records who signs in, when, from where, and what actions are taken, providing visibility for monitoring and investigations.

The other options miss essential controls. A single-factor password with no audit logging leaves credentials vulnerable and provides no record of who did what. Public guest access with no authentication is inherently insecure and unsuitable for a controlled environment. Requiring external USB tokens for every login, with no restrictions, would still raise concerns about token management, loss, and lack of integrated access control and auditing.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy