Module 12 Textbook & Quiz | ITE-249-02 Authentication


8. Which attack uses one or a small number of commonly used passwords to attempt to log in to several different user accounts? a. Password spraying attack b. Online brute force attack c. Offline brute force attack d. Role attack

a. Password spraying attack

20. Which one-time password is event driven? a. TOTP b. HOTP c. POTP d. ROTP

b. HOTP

Quiz: 1. How is the Security Assertion Markup Language (SAML) used? a. It is no longer used because it has been replaced by LDAP. b. It allows secure web domains to exchange user authentication and authorization data. c. It is an authenticator in IEEE 802.1x. d. It serves as a backup to a RADIUS server.

b. It allows secure web domains to exchange user authentication and authorization data.

1. Choose which statement is wrong by applying your knowledge from the reading. a. An HMAC-based one-time password (HOTP) password is "event driven." b. Password crackers differ as to when candidate digests are created. c. Online brute force attacks are considered impractical.

b. Password crackers differ as to when candidate digests are created.

11. Which of the following should NOT be stored in a secure password database? a. Iterations b. Plaintext password c. Password digest d. Salt

b. Plaintext password

12. Which of the following is NOT an MFA using a smartphone? a. SMS text message b. Automated phone call c. Biometric gait analysis d. Authentication app

c. Biometric gait analysis

10. Which of these attacks is the last-resort effort in cracking a stolen password digest file? a. Rule list b. Mask c. Brute force d. Hybrid

c. Brute force

6. Which of these is NOT a reason that users create weak passwords? a. A security policy requires a password to be changed regularly. b. Having multiple passwords makes it hard to remember all of them. c. The length and complexity required force users to circumvent creating strong passwords. d. A lengthy and complex password can be difficult to memorize.

c. The length and complexity required force users to circumvent creating strong passwords.

15. _____ biometrics is related to the perception, thought processes, and understanding of the user. a. Intelligent b. Behavioral c. Standard d. Cognitive

d. Cognitive

5. How is key stretching effective in resisting password attacks? a. It does not require the use of salts. b. It requires the use of GPUs. c. The license fees are very expensive to purchase and use it. d. It takes more time to generate candidate password digests.

d. It takes more time to generate candidate password digests.

2. Which of the following is the Microsoft version of EAP? a. AD-EAP b. PAP-Microsoft c. MS-CHAP d. EAP-MS

c. MS-CHAP

16. Which of the following is an authentication credential used to access multiple accounts or applications? a. Credentialization b. Federal login c. Single sign-on d. Identification authentication

c. Single sign-on

18. Which of these creates a format of the candidate password to significantly reduce the time needed to crack a password? a. Overlay b. Pass the hash c. Rainbow d. Mask

d. Mask

4. Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend? a. NTLM b. Shibboleth c. Open ID d. OAuth

d. OAuth

3. Which of the following is NOT used for authentication? a. Something you exhibit b. Somewhere you are c. Something you can do d. Something you can find

d. Something you can find

14. Which human characteristic is NOT used for biometric identification? a. Height b. Fingerprint c. Retina d. Iris

a. Height

2. Choose which statement is wrong by applying your knowledge from the reading. a. A salt is a random string that is used in hash algorithms. b. A complex password (xi8s7$t#6%) is more secure than a long password (thisisalongpassword). c. Two popular key stretching password hash algorithms are bcrypt and PBKDF2.

b. A complex password (xi8s7$t#6%) is more secure than a long password (thisisalongpassword).

13. Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate? a. Hybrid attack b. Brute force attack c. Custom attack d. Dictionary attack

b. Brute force attack

17. What is a disadvantage of biometric readers? a. Weight b. Standards c. Cost d. Speed

c. Cost

19. Pablo has been asked to look into security keys that have a feature of a key pair that is "burned" into the security key during manufacturing time and is specific to a device model. What feature is this? a. Attestation b. Authorization c. Accountability d. Authentication

a. Attestation

7. Fernando is explaining to a colleague how a password cracker works. Which of the following is a valid statement about password crackers? a. Password crackers differ as to how candidates are created. b. Most states prohibit password crackers unless they are used to retrieve a lost password. c. A password cracker attempts to uncover the type of hash algorithm that created the digest because once it is known, the password is broken. d. Due to their advanced capabilities, they require only a small amount of computing power.

a. Password crackers differ as to how candidates are created.

9. Why are dictionary attacks successful? a. Users often create passwords from dictionary words. b. Password crackers using a dictionary attack require less RAM than other types of password crackers. c. They use pregenerated rules to speed up the processing. d. They link known words together in a "string" for faster processing.

a. Users often create passwords from dictionary words.

