2602 Module 6 review lis

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What is a hybrid attack?

And attack that slightly alters dictionary words

Keystroke dynamics is an example of which type of biometrics?

Behavioral

A TOTP token code is valid

For as long as it appears on the device

Creating a pattern of where user access is a remote web account is an example of

Geolocation

What type of one time password (OTP) changes after a set time period?

HMAC-Based one-time password (HOTP)

Which one time password is event driven?

HOTP

What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?

OAuth

Which single sign on (SSO) technology depends on tokens?

OAuth

Select below the decentralized open source FIM that does not require specific software to be installed on the desktop:

OpenID

Which of these is a decentralized open source FIM that does not require specific software to be installed on the desktop?

OpenID

User accounts that remain active after an employee has left an organization are referred to as being what type of accounts?

Orphaned

Which attack is an attempt to compare known digest to an unknown digest?

Pre-image attack

Although designed to support remote dial in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs?

RADIUS

Although designed to support remote dial-in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs?

RADIUS

The use of what item below involves the creation of a large pregenerated data set of candidate digests?

Rainbow tables

Select below the access control model that uses access based on a user's job function within an organization:

Role Based Access Control

When using Role Based Access Control (RBAC), permissions are assigned to:

Roles

Which access control model can dynamically assign roles to subjects based on a set of defined rules?

Rule Based Access Control

What can be used to increase the strength of hashed passwords?

Salt

To assist with controlling orphaned and dormant accounts, what can be used to indicate when an account is no longer active?

Account expiration

Which of these is not a characteristic of a week password?

A long password

A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n):

ACL

What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?

Brute force

____ biometrics is related to the perception, thought process, and understanding of the user.

Cognitive

Which type of biometrics is based on the perception, thought process, and understanding of the user?

Cognitive biometrics

A U.S. Department of Defense (DoD) smart card that is used for identification of active duty and reserve military personnel along with civilian employees and special contractors is called:

Common Access Card (CAC)

Which of these is a U.S. department of defense (DoD) smart card that is used for identification of active duty and reserve military personnel?

Common access card (CAC)

Authorization and access are viewed as synonymous and in access control, they are the same step

Correct

What is a disadvantage of biometric readers

Cost

The X.500 standard defines a protocol for a client application to access an X.500 directory known as which of the following options?

DAP

Entries within a Directory Information Base are arranged in a tree structure called the:

DIT

Which access control model is considered to be the least restrictive?

Discretionary Access Control

Which term below describes the time it takes for a key to be pressed and then released?

Dwell time

Group policy is a Unix feature that allows for the centralized management and configuration of computers and remote users using Unix Active Directory.

False

Passwords provide strong protection.

False

The strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server.

False

Using a rainbow table to crack a password requires three steps: Creation of the table, comparing the table to known hash values, and decrypting the password.

False

The use of a single authentication credential that is shared across multiple networks is called:

Identity management

Why should the account lockout threshold not be set too low?

It could result in denial of service (DoS) attacks.

How is key stretching effective in resisting password attacks?

It takes more time to generate candidate password digests

Select below the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users:

Kerberos

What kind of attack allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database's information?

LDAP injection

Which of these algorithms is the weakest for creating password digests?

LM (LAN manager) hash

Which hashing algorithm below is used with NTLMv2's Hashed Message Authentication Code?

MD5

What access control model below is considered to be the most restrictive access control model, and involves assigning access controls to users strictly according to the custodian?

Mandatory Access Control

Which of these is not a reason why users create week passwords?

Most sites force users to create weak passwords even though they do not want to

Which is a token system that requires the user to enter the code along with a pin the called?

Multi factor authentication system

What federated identity management (FIM) relies on token credentials?

OAuth

A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as:

Separation of duties

The use of one authentication credential to access multiple accounts or applications is referred to as?

Single Sign On

Using one authentication credentials to access multiple accounts or application is known as

Single sign-on

What kind of biometrics utilizes a person's unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person's face?

Standard biometrics

What authentication service commonly used on UNIX devices involves communicating user authentication information to a centralized server?

TACACS

A shield icon warns users if they attempt to access any feature that requires UAC permission.

True

Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method.

True

OpenID is an example of a web based federated identity management (FIM) system.

True

The Bell LaPadula (BLP) model of MAC can be used to prevent subjects from creating a new object or performing specific functions on objects that are at a lower level than their own.

True

Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.

True

Which human characteristic is not used for biometric identification?

Weight

Which authentication factor is based on a unique talent that a user possesses?

What you do

What is the name for a predefined framework that can be used for controlling access, and is embedded into software and hardware?

access control model

During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?

authentication request

A list of the available nonkeyboard characters can be seen in Windows by opening what utility?

charmap.exe

In a UAC prompt, what color is used to indicate the lowest level of risk?

gray

What is the center of the weakness of passwords?

human memory

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters?

hybrid

What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?

offline cracking

The action that is taken by a subject over an object is called a(n):

operation

A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:

password

Passwords that are transmitted can be captured by what type of software?

protocol analyzer

A user or a process functioning on behalf of the user that attempts to access an object is known as the:

subject


Ensembles d'études connexes

Chapter 5: Competitors and Competition

View Set

Chapter 21: The Respiratory System

View Set

Prioritizing Client Care: Leadership, Delegation, and Emergency Response Planning

View Set

Safety and Infection Control Practice

View Set

Foundations Exam 1 Chapter 10 PrepU

View Set

Unit 1: Political and Legal Factors of International Business

View Set