IS-Ch12

Passwords that are transmitted can be captured by what type of software?

Protocol analyzer

The use of what item below involves the creation of a large pregenerated data set of candidate digests?

Rainbow tables

What can be used to increase the strength of hashed passwords?

Salt

Which type of biometrics is based on the perception, thought process, and understanding of the user?

Cognitive biometrics

​A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:

Common Access Card (CAC)

Using a rainbow table to crack a password requires three steps: Creation of the table, comparing the table to known hash values, and decrypting the password.

False

How is key stretching effective in resisting password attacks?

It takes more time to generate candidate password digests.

The use of one authentication credential to access multiple accounts or applications is referred to as?

Single sign on

What kind of biometrics utilizes a person's unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person's face?

Standard biometrics

Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.

True

What is a hybrid attack?

an attack that slightly alters dictionary word

​A list of the available nonkeyboard characters can be seen in Windows by opening what utility?

charmap.exe

A(n) ____________________ attack begins with the attacker creating encrypted versions of common dictionary words, and then comparing them against those in a stolen password file.

dictionary

What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?

offline cracking

A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:

password