Chapter 8
In the /etc/shadow file, which character in the password field indicates that a standard user account is locked?
!
Which file should you edit to limit the amount of concurrent logins for specific users?
/etc/security/limits.conf
Hardware token
Something you have
Smart card
Something you have
PIN
Something you know
Pass phase
Something you know
Password
Something you know
Wi-Fi triangulation
Somewhere are you
LSO exploit
A flash cookie is used to collect information about the user's browsing habits without their permission
Arbitrary code execution exploit
A vulnerability in a running process allows an attacker to inject malicious instructions and run them
Which access control model is based on multilevel where objects are assigned a security classification and subjects are granted a security clearance which allows them to access objects at or below that security classification? A. Mandatory access control (MAC) B. Discretionary access control (DAC) C. Attribute based access control (ABAC) D. Role based access control (RBAC)
A. Mandatory access control (MAC)
Microprobing
Accessing the chip surface directly to observe, manipulate, and interfere with a circuit
Encryption is which type of access control? A. Technical B. Restrictive C. Physical D. Administrative
A. Technical
Watering hole attack
An attacker compromises a Web site, hoping that a target individual will access the site and be exposed tot he exploit
Zero day attack
An attacker exploits computer application vulnerabilities before they are known and patched by the application's developer
Which access control model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject? A. Role based access control (RBAC) B. Attribute based access control (ABAC) C. Mandatory access control (MAC) D. Rule based access control
B. Attribute based access control (ABAC)
Audit trails produced by auditing activities are which type of security control? A. Deterrent B. Directive C. Detective D. Preventative
C. Detective
Eavesdropping
Capturing transmission data produced by a card as it is used
Which access control type is used to implement short-term repairs to restore basic functionality following an attack? A. Compensative B. Detective C. Recovery D. Corrective
D. Corrective
What form of access control is based on job descriptions? A. Mandatory access control (MAC) B. Discretionary access control (DAC) C. Location based access control (LBAC) D. Role based access control (RBAC)
D. Role based access control (RBAC)
Which access control model manages rights and permissions based on job description and responsibilities? A. Mandatory access control (MAC) B. Discretionary access control (DAC) C. Task based access control (TBAC) D. Role based access control (RBAC)
D. Role based access control (RBAC)
Fault Generation
Deliberately inducing malfunctions in a card
An administratively defined collection of network resources that share a common directory database and security policies
Domain
A server that holds a copy of the Active Directory database that can be written to
Domain controller
Software Attacks
Exploiting vulnerabilities in a card's protocols or encryption methods
A computing element that identifies resources in the Active Directory database
Objects
A folder that subdivides and organizes network resources within a domain
Organizational Unit
Typing behaviors
Something you do
Lori Redford, who had been a member of the Project Management group, was recently promoted to manager of the team.......What is most likely preventing her from accessing this system?
She is still a member of the Project Management group, which has been denied permission to this system. Deny permissions always override Allow permissions
Fingerprint scan
Something you are
Retina scan
Something you are
Voice recognition
Something you are
You manage a single domain named widgets.com Organizational units (OUs) have been created for each company department. You define a password and account lockout policy for the domain. However...You would like to define a granular password policy for these users. Which tool should you use? a. ADSI Edit b. Active Directory Users and Computers c. Active Directory Domains and Trusts d. Group Policy Management Console and Group Policy Management Editor e. Active Directory Sites and Services
a. ADSI Edit
Which of the following terms describes the component that is generated following authentication and is used to gain access to resources following login? a. Access token b. Cookie c. Proxy d. Account policy
a. Access token
You manage several Windows systems.Desktop users access an in-house application that is hosted on your internet web server.... what should you do? a. Add the URL of the website to the Local intranet zone b. Change the filter level in Pop in Blocker to High c. In Internet Options, use the Privacy tab to turn off Pop up Blocker d. Change the filter level in Pop up Blocker to Medium
a. Add the URL of the website to the Local intranet zone
You want to allow e-commerce websites that you visit to keep track of your browsing history for shopping carts and other information,... How should you configure the browser settings? a. Allow first party cookies, but block third party cookies b. Block cross site scripting c. Enable the phishing filter to check all embedded links in webpages you visit d. Prevent ActiveX controls and Java on linked websites
a. Allow first party cookies, but block third party cookies
Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack? a. Buffer overflow b. Dictionary c. Superzapping d. Denial of service
a. Buffer overflow
During the application development cycle, an application tester creates multiple virtual machines on a hypervisor, each with a different version and edition of Windows installed. She then installs the latest build of the application being developed on each virtual machine and evaluates each installation for security vulnerabilities.Which assessment technique was used in this scenario? a. Configuration testing b. Code review c. Baseline reporting d. Fuzzing
a. Configuration testing
You manage a single domain named widgets.com Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. You define a password and account lockout policy for the domain. However, members of the Directors OU want to enforce longer passwords than are required for the rest of the users.You need to make the change as easily as possible. Which should you do? a. Create a granular password policy. Apply the policy to all users in the Directors OU b. Create a granular password policy. Apply the policy to all users in the widgets.com domain c. Create a granular password policy. Apply the policy to the Directors OU d. Create a granular password policy. Create a distribution group. Apply the policy to the group. Add all users in the Directors OU to the group
a. Create a granular password policy. Apply the policy to all users in the Directors OU
Which of the following is the most common form of authentication? a. Password b. Fingerprint c. Digital certificate on a smart card d. Photo ID
a. Password
To help prevent browser attacks, users of public computers should do which of the following? a. Ensure that public login credentials are unique b. Clear the browser cache c. Not use any public computer that has been used in the last 30 minutes d. Turn the public computer off immediately after use
b. Clear the browser cache
As you browse the Internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisement for products that are inappropriate for your family to view. Which tool came you implement to prevent these windows from showing? a. Pop-up blocker b. Anti-spyware c. Phishing filter d. Anti-adware e. Anti-virus
a. Pop-up blocker
You have implemented and access control method that only allows users who are managers to access specific data. Which type of access control model is used? a. RBAC b. MAC c. DACL d. DAC
a. RBAC
You have a website that accepts input from users for creating customer accounts. Input on the form is passed to a database server where the user account information is stored.... Which type of attack has occurred? a. SQL injection b. DLL injection c. Buffer overflow d. Cross site scripting
a. SQL injection
Which of the following is not true of smart cards? a. Smart cards a powered internally by a small battery b. Smart cards are generally considered to a be tamper proof c. Smart cards have their own processor, allowing the card itself to perform its own cryptographic functions d. Smart cards use PKI technology to store digital signatures, cryptography keys, and identification codes
a. Smart cards a powered internally by a small battery
Which of the following is not true regarding cookies? a. They operate within a security sandbox b. They can help a hacker spoof a user's identity c. They can retain connection and session information d. They can collect user information
a. They operate within a security sandbox
Which of the following is an example of a decentralized privilege management solution? a. Workgroup b. TACACS+ c. Active directory d. RADIUS
a. Workgroup
You are the administrator for a small company. You need to add a new group of users to the system. The group's name is sales. Which command will accomplish this? a. groupadd sales b. addgroup -x sales c. groupadd -r sales d. addgroup sales
a. groupadd sales
Due to a merger with another company, standardization is now being imposed throughout the company. As a result of this, the sales group must be renamed marketing. Which of the following commands will accomplish this? a. groupmod -n marketing sales b. grpchange marketing sales c. groupadd -c marketing sales d. grpconv marketing sales
a. groupmod -n marketing sales
Which of the following is not an important aspect of password management? a. Train users to create complex passwords that are easy to remember b. Prevent use of personal information in a password c. Enable account lockout d. Always store passwords in a secure medium
c. Enable account lockout
You manage several Windows systems. All computers are members of a domain.You use an internal website that uses Integrated Windows Authentication...... What should you do? a. Open credential manager and modify your credentials b. Add the internal website to the Local intranet zone c. Add the internal website to the Trusted sites zone d. Create a complex password for your user account
b. Add the internal website to the Local intranet zone
Which of the following is the term for the process of validating a subject's identity? a. Authorization b. Authentication c. Identification d. Auditing
b. Authentication
For users on your network, you ant to automatically lock user accounts if four incorrect passwords are used within 10 minutes What should you do a. Configure the enable/disable feature in the user accounts b. Configure account lockout policies in group policy c. Configure account expiration in the user accounts d. Configure password policies in Group Policy e. Configure day/time restrictions in the user accounts
b. Configure account lockout policies in group policy
You have hired 10 new temporary workers who will be with the company for 3 months.How can you make sure that these users can only log on during regular business hours? a. Configure account lockout policies in group policy b. Configure day/time restrictions in the user accounts c. Configure policies in Group Policy b. Configure account expiration in the user accounts
b. Configure day/time restrictions in the user accounts
You manage an Active Directory domain. All users in the domain have a standard set of internet options configured by a GPO linked to the domain. But you want users in the Administrator OU to have a different set of internet options What should you do? a. Create a GPO user policy for the domain b. Create a GPO user policy for the Administrator OU c. Create a Local Group policy on the computer used by members of the Administrators OU d. Create a GPO computer policy for the Administrators OU
b. Create a GPO user policy for the Administrator OU
Which form of access control enforces security based on user identities and allows individual users to define access controls over owned resources? a. MAC b. DAC c. RBAC d. TBAC
b. DAC
Which of the following defines an object as an entity in the context of access control? a. Users, applications, or processes that need to be given access b. Data, applications, systems, networks, and physical space c. Resources, policies, and system d. Policies, procedures, and technologies that are implemented within a system
b. Data, applications, systems, networks, and physical space
Which of the following are subject to SQL injection attacks? a. Web servers serving static content b. Database servers c. ActiveX controls d. Browsers that allow client side scripts
b. Database servers
When you browse to a website, a pop-up window tell you that your computer has been infected with a virus. You click on the window to see what the problem is... What type of attack has occurred? a. SQL injection b. Drive by download c. Trojan horse d. DLL injection
b. Drive by download
Which of the following enters random data to the input of an application? a. Application hardening b. Fuzzing c. Routines d. Validation rules
b. Fuzzing
An attacker inserts SQL database commands into a data input field of an order form used by a Web-based application... Which practice would have prevented this exploit? a. Implementing a script blocker b. Implementing client side validation c. Using the latest browser version and patch level d. Installing antivirus, anti-spyware, pop-up blockers and firewall software
b. Implementing client side validation
Which of the following is specifically meant to ensure that a program operates on clean, correct, and useful data? a. Process spawning b. Input validation c. Application hardening d. Error and exception handling
b. Input validation
A router access control list uses information in a packet, such as the destination IP address and port number, to make allow or deny forwarding decisions. This is an example of which kind of access control model? a. RBAC b. RSBAC c. DAC d. MAC
b. RSBAC
Which of the following is a hardware device that contains identification information and can be used to control building access or computer logon? a. Security policy b. Smart city c. WAP d. SSID e. Biometric
b. Smart city
You are teaching new users about security and passwords.Which of the following is the best example of a secure password? a. 8181952 b. T1a73gZ9! c. JoHnSmITh d. Stiles_2031
b. T1a73gZ9!
Which of the following defines the crossover error rate for evaluating biometric systems? a. The rate of people who re denied access the should be allowed access b. The point where the number of false positive matches the number of false negatives in a biometric system c. The number of subjects or authentication attempts that can be validated d. The rate of people who are given access that should be denied access
b. The point where the number of false positive matches the number of false negatives in a biometric system
Recently, a Web site named www.vidshare.com has become extremely popular with users around the world. A n attacker registers the following domain names:www.videoshare.comwww.vidshar.comwww.vidsshare.com...What type of attack has occurred in this scenario? a. Water hole b. Typosquatting c. Command injection d. Buffer overflow
b. Typosquatting
Which of the following is an attack that injects malicious scripts into Web pages to redirect users to fake websites or gather personal information? a. SQL injection b. XSS c. DLL injection d. Drive by download
b. XSS
Which of the following best describes Active Directory? a. A group of related domains that share the same contiguous DNS namespace b. A collection of related domain trees that establishes the relationship between trees that have different DNS namespaces c. A centralized database that contains user account and security information d. An administratively defined collection of network resources that shares a common directory database and security policies
c. A centralized database that contains user account and security information
What is a cookie? a. An executable file that runs in the background and tracks internet use b. A malicious program that runs when you read an email attachment c. A file saved on you hard drive that tracks website preferences and use d. A malicious program that disguises itself as a useful program
c. A file saved on you hard drive that tracks website preferences and use
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this? a. Server side scripts b. ActiveX c. Client side scripts d. CGI
c. Client side scripts
You want to make sure that all users have passwords over eight characters in length and that passwords must be changed every 30 days what should you do? a. Configure account lockout policies in group policy b. Configure expiration setting in the user accounts c. Configure password policies in Group Policy d. Configure day/time restrictions in the user accounts
c. Configure password policies in Group Policy
Which of the following is a text file provided by a website to a client that is stored on a user's hard drive in order to track and record information about the user? a. Mobile code b. Certificate c. Cookie d. Digital Signature
c. Cookie
You manage a single domain named widgets.com Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. Members of the Directors OU want to enforce longer passwords than are required for the rest of the users.You define a new granular password with the required settings.... What should you do? a. Create a granular password policy for Matt. Apply the new policy directly to Matt's user account. Remove Matt from the DirectorsGG group b. Create a granular password policy for Matt. Create a new group and make Matt a member of the group. Apply the new policy directly to the new group. Make sure the new policy has a higher precedence value than the value for the existing policy c. Create a granular policy for Matt. Apply the policy to Matt's user account. d. Edit the existing password policy. Define exceptions for the required setting. Apply the exceptions to Matt's user account
c. Create a granular policy for Matt. Apply the policy to Matt's user account
You have a system that allows the owner of a file to identify users and their permissions to the file. Which type of access control model is implemented? a. RBAC (based on roles) b. RBAC (based on rules) c. DAC d. MAC
c. DAC
Active directory is a hierarchical database. Hierarchical directory databases have several advantages over flat file database structures. Which of the following is not an advantage of Active Directory's hierarchical database structure? a. Organization b. Replication c. Decentralization d. Scalability e. Delegation
c. Decentralization
What should you do to a user account if the user goes on an extended vacation? a. Remove all rights from the account b. Monitor the account more closely c. Disable the account d. Delete the account
c. Disable the account
Marcus White has just been promoted to a manger. To give him access to the files that he needs, you make his user account a member of the Managers group, which has access to a special shared folder. Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Managers group. What should you do? a. Add his user account to the ACL for the shared folder b. Manually refresh Group Policy settings on his computer c. Have Marcus log off and log back in d. Manually refresh Group policy setting on the file server
c. Have Marcus log off and log back in
Which statement is true regarding application of GPO settings? a. If a setting is not defined in the Local Group policy and is defined in the GPO linked to the OU, the setting is not applied b. If a setting is defined in the Local Group Policy on the computer and not defined in the GPO linked to the OU, the setting is not applied c. If a setting is defined in the Local Group Policy on the computer and not defined in the GPO linked to the setting is applied. d. If a setting is defined in the Local Group Policy on the computer and defined differently in the GPO linked to the OU, the Local Group Policy setting is applied
c. If a setting is defined in the Local Group Policy on the computer and not defined in the GPO linked to the setting is applied.
You manage a single domain named widgets.com Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs.... You need to make the change as easily as possible. Which should you do? a. Create a GPO linked to the Directors OU. Configure the password policy the new GPO b. Create a new domain. Move the contents of the Directors OU to the new domain. Configure the necessary password policy on the domain c. Implement a granular password policy for the users in the Director OU d. In Active Directory Users and Computers, select all user accounts in the Directory OU. Edit the user account properties to require the longer password
c. Implement a granular password policy for the users in the Director OU
While using a Web-based order form an attacker enters an unusually large value in the Quantity field.The value she entered is so large it exceeds the maximum value supported by the variable type used to store the quantity in the Web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number..... What type of attack has occurred in this scenario? a. URL hijacking b. Watering hole c. Integer overflow d. Buffer overflow
c. Integer overflow
Which of the following best describes one-factor authentication? a. Only type 1 authentication credentials are accepted b. Only a single authentication credential is submitted c. Multiple authentication credentials may be required, but they are all of the same type d. A user name without any additional credentials is accepted
c. Multiple authentication credentials may be required, but they are all of the same type
You are the network administrator of small nonprofit organization. Currently, an employee named Craig Jenkins handles all help desk calls for the organization. In recent months, the volume of help desk calls has exceeded what Craig's user can manage alone, so an additional help desk employee has been hired to carry some of the load. Currently, permissions to network resources are assigned directly to Craig's user object. Because the new employee needs exactly the same level of access, you decide to simply copy Craig's Active Directory domain user object and rename it with the new employee's name. Will this strategy work? a. No, Making a copy of an existing user cases both accounts to have the same security identifier(SID) b. No. Active Directory does not permit you to copy an existing user account c. No. Permissions are not copied when a user account is copied d. Yes. This strategy will be successful
c. No. Permissions are not copied when a user account is copied
What type of password is marygadalittlelamb? a. Composition b. Static c. Pass phase d. Cognitive
c. Pass phase
What is the effect of the following command? change -M 60 -W 10 jsmith a. Forces jsmith to keep the password 60 days before changing it and gives a warning 10 days before changing it b. Sets the password for jsmith to expire after 6 days and gives a warning 10 days before it expires c. Sets the password for jsmith to expire after 60 days and gives a warning 10 days before it expires d. Deletes the jsmith user account after 60 days and gives a warning 10 days before it expires
c. Sets the password for jsmith to expire after 60 days and gives a warning 10 days before it expires
You have implemented account lockout with a clipping level of 4 What will be the effect of this setting? a. Incorrect login attempts during the past four hours will be tracked b. Password hashes will be generated using a salt value of four c. The account will be locked after four incorrect attempts d. Locked accounts will remain locked for four hours.
c. The account will be locked after four incorrect attempts
Which of the following is stronger than any biometric authentication factor? a. A dynamic asynchronous token device without a pin b. A USB device hosting PKI certificates c. Two factor authentication d. A 47 character password
c. Two factor authentication
Which security mechanism uses a unique list that meets the following specification: The list is embedded directly in the object itself The list defines which subjects have access to certain objects The list specifies the level of access allowed to certain objects a. Hashing b. Kerberos c. User ACL d. Mandatory access control
c. User ACL
Which of the following information is typically not included in an access token? a. User security identifier b. User right c. User account password d. Group membership
c. User account password
You have a group named Research on your system that needs a new password because a member of the group has left the company. Which of the following commands should you use? a. gpasswd research b. newpassword Research c. gpasswd Research d. groupmod -p Research
c. gpasswd Research
You have performed an audit and have found and active account for an employee with the username joer. This user no longer works for the company Which command can you use to disable this account? a. usermod -I joer b. usermod -d joer c. usermod -L joer d. usermod -u joer
c. usermod -L joer
What "chage" command should you use to set the password for jsmith to expire after 60 days and give a warning 10 days before it expires?
chage -M 60 -W 10 jsmith
Which chage option keeps a user from changing their password every two weeks? a. -W 33 b. -M 33 c. -a 33 d. -m 33
d. -m 33
Which of the following is the strongest form of multi-factor authentication? a. Two factor authentication b. Two passwords c. A password and a biometric scan d. A password, a biometric scan, and a token device
d. A password, a biometric scan, and a token device
What is the most important aspect of a biometric device? a. Enrollment time b. Size of the reference profile c. Throughput d. Accuracy
d. Accuracy
A programmer that fails to check the length of input before processing leaves his code vulnerable to what form of common attack? a. Backdoor b. Privilege escalation c. Session hijacking d. Buffer overflow
d. Buffer overflow
Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target? a. Data diddling b. Covert channel exploitation c. TOC/TOU d. Buffer overflow
d. Buffer overflow
During the application development cycle, a developer asks several of his peers to assess the portion of the application he was assigned to write for security vulnerabilities.Which assessment technique was used in this scenario? a. Input validation b. Fuzzing c. Baseline reporting d. Code Review
d. Code Review
Which of the following is a password that relates to things that people know, such as a mother's maiden name or the name of a pet? a. Dynamic b. Pass phrase c. One time d. Cognitive
d. Cognitive
Use of which of the following is a possible violation of privacy? a. VPNs b. HTTP c. FTP d. Cookies
d. Cookies
You want to ensure that all users in the Department OU have a common set of network communication security settings applied Which action should you take? a. Create a GPO computer policy from the Computers container b. Create a GPO user policy for the Development OU c. Create a GPO folder policy for the folders containing the files d. Create a GPO computer policy for the computers in the Development OU
d. Create a GPO computer policy for the computers in the Development OU
Computer policies include a special category called user rights.Which action does user rights allow an administrator to perform? a. Specify the registry setting for all users in an OU b. Set ACL rights for users on specific computers in an OU c. Designate a basic set a of right for all users in an OU d. Identify users who can perform maintenance tasks on computers in an OU
d. Identify users who can perform maintenance tasks on computers in an OU
Which of the following is an example of a single-on authentication solution? a. RADIUS b. Digital certification c. Biometrics d. Kerberos
d. Kerberos
Within the /etc/security/limits.conf file, you notice the following entry:@guests hard maxlogins 3 What effect does this line have on the Linux system? a. Limits concurrent logins from the same user to three b. Limits the maximum file size that the Guest group can create to 3GB c. Limits the total amount of memory used by the Guest group to 3MB d. Limits the number of logins from the Guest group the three
d. Limits the number of logins from the Guest group the three
Group policy objects (GPO) are applied in which of the following orders a. GPO linked to site, GPO linked to domain, GPO liked to Organizational Unit lowest to highest, local group policy b. Local group policy, GPO linked to site, GPO linked to domain, GPO liked to Organizational Unit lowest to highest c. GPO linked to site, GPO linked to domain, GPO liked to Organizational Unit highest to lowest, local group policy d. Local group policy, GPO linked to site, GPO linked to domain, GPO liked to Organizational Unit highest to lowest
d. Local group policy, GPO linked to site, GPO linked to domain, GPO liked to Organizational Unit highest to lowest
While using a Web-based game creating using Adobe Flash, a Flash cookie is set on a user's computer...... What type of exploit has occurred in this scenario? a. Zero day b. Buffer overflow c. Header manipulation d. Locally shared object(LSO) exploit
d. Locally shared object(LSO) exploit
Which of the following is the single best rule to enforce when designing complex password? a. Force use of all four types of characters (uppercase, lowercase, numbers, symbols) b. Maximum password age c. Computer generated password d. Longer passwords
d. Longer passwords
What is another term for the type of login credentials provided by a token device? a. Biometric b. Mutual authentication c. Two-factor authentication d. One-time password
d. One-time password
Which of the following is an example of a Rule Based Access Control (RBAC)? a. A member of the accounting team is given access to the accounting department documents b. A subject with a government clearance that allows access to government classification labels of confidential, secret and top secret c. A computer file owner grants access to the file by adding other users to an access control list d. Router access control lists that allows or denies traffic based on the characteristics of an IP packets?
d. Router access control lists that allows or denies traffic based on the characteristics of an IP packets?
Which of the following is not a form of biometric? a. Fingerprint b. Retina scan c. Face recognition d. Token device
d. Token device
You have a group named temp_sales on your system. The group is no longer needed, and you should remove the group. Which of the following commands should you use? a. groupmod -R temp_sales b. groupmod -n temp_sales c. newgroup -R temp_sales d. groupdel temp_sales
d. groupdel temp_sales
A user with the account name larry has just been terminated from the company. There is good reason to believe that the user will attempt to access and damage files in the system in the very near future.Which of the following commands will disable or remove the user account from the system and remove his home directory? a. userdel -h larry b. userdel larry c. userdel -home larry d. userdel -r larry
d. userdel -r larry
One of your users, Karen Scott, has recently married and is now Karen jones. She has requested that her username be changed from kscott to kjones, but no other values change. Which of the following commands will accomplish this? a. usermod -u kscott kjones b. usermod -u kjones kscott c. usermod -i kscott kjones d. usermod -i kjones kscott
d. usermod -i kjones kscott
A remote access user needs to gain access to resources on the server. Which of the following processes are performed by the remote access server to control access to resources? a. Authorization and accounting b. Identity proofing and authorization c. Identity proofing and authentication d. Authentication and accounting e. Authentication and authorization
e. Authentication and authorization
You have just configured the password policy and set the minimum password age to 10.What will be the effect of this configuration? a. The previous 10 passwords cannot be reused b. The password must be entered within 10 minutes of the login prompt being displayed c. The password must contain 10 or more characters d. Users must change the password at least every 10 days e. Users cannot change the password for 10 days
e. Users cannot change the password for 10 days
You want to see which primary and secondary groups the dredford user belongs to. Enter the command you would use to display group membership for dredford.
groups dredford
You suspect that the gshant user account is locked Enter the command you use at the command prompt to show the status of the user account.
passwd -S gshant
