Quiz: Module 12 Authentication
Pablo has been asked to look into security keys that have a feature of a key pair that is "burned" into the security key during manufacturing time and is specific to a device model. What feature is this?
Attestation
Which of the following is NOT an MFA using a smartphone?
Biometric gait analysis
Which of these attacks is the last-resort effort in cracking a stolen password digest file?
Brute force
Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate?
Brute force attack
_____ biometrics is related to the perception, thought processes, and understanding of the user.
Cognitive
What is a disadvantage of biometric readers?
Cost
Which one-time password is event driven?
HOTP
Which human characteristic is NOT used for biometric identification?
Height
How is the Security Assertion Markup Language (SAML) used?
It allows secure web domains to exchange user authentication and authorization data.
How is key stretching effective in resisting password attacks?
It takes more time to generate candidate password digests.
Which of the following is the Microsoft version of EAP?
MS-CHAP
Which of these creates a format of the candidate password to significantly reduce the time needed to crack a password?
Mask
Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend?
OAuth
Fernando is explaining to a colleague how a password cracker works. Which of the following is a valid statement about password crackers?
Password crackers differ as to how candidates are created.
Which attack uses one or a small number of commonly used passwords to attempt to log in to several different user accounts?
Password spraying attack
Which of the following should NOT be stored in a secure password database?
Plaintext password
Which of the following is an authentication credential used to access multiple accounts or applications?
Single sign-on
Which of the following is NOT used for authentication?
Something you can find
Which of these is NOT a reason that users create weak passwords?
The length and complexity required force users to circumvent creating strong passwords.
Why are dictionary attacks successful?
Users often create passwords from dictionary words.
