Chapter 12


for as long as it appears on the device

A TOTP token code is valid _____. for as long as it appears on the device for up to 24 hours only while the user presses SEND until an event occurs

password

A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a: token password biometric detail challenge

Brute-force

An attacker is least likely to use which password discovery method when compromising a strong password? Social engineering Brute-force Resetting Capturing

geolocation

Creating a pattern of where a user accesses a remote web account is an example of _____. geolocation Time-Location Resource Monitoring (TLRM) keystroke dynamics cognitive biometrics

With password setting objects

How does Windows manage credentials in an Active Directory environment? With local Group Policies With password setting objects With local security policies With the Password Management MMC snap-in

HMAC requires an event to change values

How is an HMAC-based OTP different from a TOTP? HMAC OTPs require PIN code usage HMAC requires an event to change values HMAC values change over a specific length of time HMAC OTPs are not considered tokens

It takes more time to generate candidate password digests.

How is key stretching effective in resisting password attacks? It takes more time to generate candidate password digests. It requires the use of GPUs. It does not require the use of salts. The license fees are very expensive to purchase and use it.

Applications store passwords in a user vault file

With respect to security, why is it better to use password management applications to store passwords rather than utilizing a web browser function? Applications are better protected from network-based attacks Web browser functions do not encrypt the passwords Web browser functions cache credentials in browsers Applications store passwords in a user vault file

behavioral

Keystroke dynamics is an example of which type of biometrics? behavioral resource cognitive adaptive

FIM

Single sign-on allows users to authenticate across multiple networks and requires what to function? Domain trusts Forest trusts .NET Passport FIM

Identity management

The use of a single authentication credential that is shared across multiple networks is called: Access management Authorization management Identity management Risk management

Rainbow tables

The use of what item below involves the creation of a large pregenerated data set of candidate digests? Rainbow tables Randomized character list Word list Cascade tables

single sign-on

Using one authentication credential to access multiple accounts or applications is known as _____. credentialization identification authentication single sign-on federal login

Token

What device can be used to create an OTP? Token Keychain Hash Salt

cost

What is a disadvantage of biometric readers? cost speed size standards

an attack that slightly alters dictionary words

What is a hybrid attack? an attack that uses both automated and user input an attack that combines a dictionary attack with an online guessing attack a brute force attack that uses special tables an attack that slightly alters dictionary words

multifactor authentication system

What is a token system that requires the user to enter the code along with a PIN called? single-factor authentication system token-passing authentication system dual-prong verification system multifactor authentication system

human memory

What is the center of the weakness of passwords? human memory encryption technology handshake technology human reliability

OAuth

What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site? OpenAuth OAuth SAML Kerberos

Brute force

What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file? Space division Brute force Known ciphertext Known plaintext

Time-based one-time password (TOTP)

What type of one-time password (OTP) changes after a set time period? HMAC-Based one-time password (HOTP) Period-based one-time password (POTP) Time-based one-time password (TOTP) Interval-based one-time password (IOTP)

hybrid

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters? brute force hash replay network replay hybrid

pre-image attack

Which attack is an attempt to compare a known digest to an unknown digest? pre-image attack birthday attack configuration attack SNIP attack

what you do

Which authentication factor is based on a unique talent that a user possesses? what you have what you are what you do what you know

MD5

Which hashing algorithm below is used with NTLMv2's Hashed Message Authentication Code? SHA-1 SHA-256 MD4 MD5

weight

Which human characteristic is NOT used for biometric identification? retina face weight fingerprint

TOTP, password, and a username

Which of the following authentication method combinations is an example of multifactor authentication? Geolocation and voice recognition TOTP, password, and a username Voice recognition and keystroke dynamics Smart card and an OTP

LM

Which of the following is NOT a hash? LM RIPEMD SHA-1 MD5

Never writing a password down

Which of the following is a secure methodology when using a password? Using the same password for multiple accounts Entering passwords while using an unencrypted wireless connection Entering passwords into public computers Never writing a password down

Salts can change identical passwords

Which of the following is a true statement about salts? Salts modify hash algorithms Salts can change identical passwords Salts should not be random Salts eliminate the possibility of a brute force attack

L*^dns22Oik

Which of the following is considered the strongest password? Aw50m3Bart L*^dns22Oik Cr3at1on @m@nda

LM (LAN Manager) hash

Which of these algorithms is the weakest for creating password digests? SHA-1 MD-5 LM (LAN Manager) hash NTLM (New Technology LAN Manager) hash

a long password

Which of these is NOT a characteristic of a weak password? a common dictionary word a long password using personal information using a predictable sequence of characters

Most sites force users to create weak passwords even though they do not want to.

Which of these is NOT a reason why users create weak passwords? A lengthy and complex password can be difficult to memorize. A security policy requires a password to be changed regularly. Having multiple passwords makes it hard to remember all of them. Most sites force users to create weak passwords even though they do not want to.

Common Access Card (CAC)

Which of these is a U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel? Personal Identity Verification (PIV) card Common Access Card (CAC) Government Smart Card (GSC) Secure ID Card (SIDC)

OpenID

Which of these is a decentralized open-source FIM that does not require specific software to be installed on the desktop? Windows Live ID SSO Login Resource (SSO-LR) Windows CardSpace OpenID

HOTP

Which one-time password is event-driven? HOTP TOTP ROTP POTP

OAuth

Which single sign-on (SSO) technology depends on tokens? OAuth CardSpace OpenID All SSO technologies use tokens.

It could result in denial of service (DoS) attacks.

Why should the account lockout threshold not be set too low? It could decrease calls to the help desk. The network administrator would have to reset the account manually. The user would not have to wait too long to have her password reset. It could result in denial of service (DoS) attacks.

Key stretching algorithms are slower

Why would an administrator resort to key stretching algorithms as opposed to general-purpose algorithms such as MD5? Key stretching algorithms use multiple general-purpose algorithms Key stretching algorithms are immune to rainbow tables Key stretching algorithms are slower General-purpose algorithms do not use salt

Cognitive

_____ biometrics is related to the perception, thought processes, and understanding of the user. Cognitive Standard Intelligent Behavioral

OpenID

Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop: OAuth OpenID Windows Live ID OpenPass

