Access Control and Security Fundamentals Questions

Covers principles and practices for controlling access to systems, files, and network resources. Topics include authentication versus authorization, common authentication methods such as password based and key based authentication, multi factor authentication concepts, and key management for Secure Shell. Explain authorization models including discretionary access control, mandatory access control, role based access control, and attribute based access control, and concrete implementations such as Unix style file permission bits and access control lists. Understand identity stores and local versus network authentication approaches, including directory services. Emphasize the principle of least privilege, delegation of administrator privileges and use of superuser tools, privileged account management, and secure account lifecycle practices. Also cover basic security hardening measures, configuration management to reduce attack surface, and audit logging and monitoring for access events to support detection and forensic analysis.