2.3 Identification and Authentication


What type of logon security is provided by OTP?

A One-Time Password is valid only for a short period (usually 60 seconds), before it changes again.

The company you work for has suffered numerous intrusions due to poor password management by employees. Given a significant budget to mitigate the problem, what type of security control would you use?

A multifactor authentication product would mitigate this type of problem by requiring users to authenticate with a smart card or biometric information as well as a password.

What is the difference between authorization and authentication?

Authorization means granting a user account configured on the computer system the right to make use of a resource (allocating the user privileges on the resource). Authentication protects the validity of the user account by testing that the person accessing that account is who s/he says s/he is.

Your company has won a contract to work with the Department of Defense. What type of site access credentials will you need to provide?

Contractors working for the DoD require a Common Access Card with an embedded token and photograph.

Apart from cost, what would you consider to be the major considerations for evaluating a biometric recognition technology?

Error rate, throughput, user resistance or acceptance.

True or false? In order to create a service ticket, Kerberos passes the user's password to the target application server for authentication.

False - only the KDC verifies the password. The Ticket Granting Service sends the user's account details (SID) to the target application for authorization (allocation of permissions), not authentication.

True or false? The holder of a Common Access Card can authenticate to a computer system using biometric information stored on the card.

False - the card contains biometric data for identity proofing but cannot be used to authenticate. It does support smart card authentication.

True or false? An account requiring a password, PIN, and one-time password is an example of three-factor authentication.

False - three-factor authentication would include a biometric or behavioral element.

Which type of eye recognition is easier to perform: retinal or iris scanning?

Iris scans are simpler.

A user maintains a list of commonly used passwords in a file located deep within the computer's directory structure. Is this secure password management?

No. This is security by obscurity. The file could probably be discovered easily using search tools.

In what scenario would PAP be an appropriate cryptographic method?

None - the Password Authentication Protocol uses plaintext ASCII passwords with no cryptographic protection. This could only be used securely if the endpoints established a secure tunnel (using IPsec for instance).

What steps should be taken to enroll a new user?

Perform identity proofing to confirm the user's identity, issue authentication credentials securely, and assign appropriate permissions / privileges to the account.

Which remote authentication protocol supports smart cards?

Some types of Extensible Authentication Protocol (EAP) support the use of client-side digital certificates, which could be presented using a smart card.

Your company creates software that requires a database of stored encrypted passwords. What security control could you use to make the password database more resistant to brute force attacks?

Using a key stretching password storage library (such as bcrypt or PBKDF2) would improve resistance to brute force cracking methods.

Why might a standalone installation of Windows XP be more vulnerable to password cracking than one of Windows 7?

Windows XP uses weak LM responses by default.
