Chapter 12: Authentication and Account Management

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which one-time password is event-driven? a. HOTP b TOTP c. ROTP d. POTP

a. HOTP

Using one authentication credential to access multiple accounts or applications is known as ________. a. credentialization b. identification authentication c. single sign-on d. federal login

c. single sign-on

Which human characteristic is NOT used for biometric identification? a. retina b. face c. weight d. fingerprint

c. weight

Which authentication factor is based on a unique talent that a user possesses? a. what you have b, what you are c. what you do d. what you know

c. what you do

Which of these is a decentralized open-source FIM that does not require specific software to be installed on the desktop? a. Windows Live ID b. SSO Login Resource (SSO-LR) c. Windows CardSpace d. OpenID

d. OpenID

What is a hybrid attack? a. an attack that uses both automated and user input b. an attack that combines a dictionary attack with an online guessing attack c. a brute force attack that uses special tables d. an attack that slightly alters dictionary words

d. an attack that slightly alters dictionary words

Why should the account lockout threshold not be set too low? a. it could decrease calls to the help desk b. the network administrator would have to reset the account manually c. the user would not have to wait too long to have her password reset d. it could result in denial of service (DoS) attacks

d. it could result in denial of service (DoS) attacks

Which of these is NOT a reason why users create weak passwords? a. a lengthy and complex password can be difficult to memorize b. a security policy requires a password to be changed regularly c. having multiple passwords makes it hard to remember them d. most sites force users to create weak passwords even though they do not want to

d. most sites force users to create weak passwords even though they do not want to

What is a token system that requires the user to enter the code along with a PIN called? a. single-factor authentication system b. token-passing authentication system c. dual-prong verification system d. multifactor authentication system

d. multifactory authentication system

Which single sign-on (SSO) technology depends on tokens? a. OAuth b. CardSpace c. OpenID d. All SSO technologies use tokens

a. OAuth

Keystroke dynamics is an example of which type of biometrics? a. behavioral b. resource c. cognitive d. adaptive

a. behavioral

________ biometrics is related to the perception, thought processes, and understanding of the user. a. cognitive b. standard c. intelligent d. behavioral

a. cognitive

What is a disadvantage of biometric readers? a. cost b. speed c. size d. standards

a. cost

A TOTP token code is valid ________. a. for as long as it appears on the device b. for up to 24 hours c. only while the user presses SEND d. until an event occurs

a. for as long as it appears on the device

Creating a pattern of where a user accesses a remote web account is an example of ________. a. geolocation b. Time-Location Resource Monitoring (TLRM) c. keystroke dynamics d. cognitive biometrics

a. geolocation

How is key stretching effective in resisting password attacks? a. it takes more time to generate candidate password digests b. it requires the use of GPUs c. it does not require the use of salts d. the license fees are very expensive to purchase and to use it

a. it takes more time to generate candidate password digests

Which attack is an attempt to compare a known digest to an unknown digest? a. pre-image attack b. birthday attack c. configuration attack d. SNIP attack

a. pre-image attack

Which of these is a U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel? a. Personal Identity Verification (PIV) card b. Common Access Card (CAC) c. Government Smart Card (GSC) d. Secure ID Card (SIDC)

b. Common Access Card (CAC)

Which of these is NOT a characteristic of a weak password? a. a common dictionary word b. a long password c. using personal information d. using a predictable sequence of characters

b. a long password

Which of these algorithms is the weakest for creating password digests? a. SHA-1 b. MD-5 c. LM (LAN Manager) hash d. NTLM (New Technology LAN Manager) hash

c. LM (LAN Manager) hash


Ensembles d'études connexes

Evolution of Plants and Angiosperms Study Guide

View Set

Lists in python (Codecademy - Python 3)

View Set

Musculoskeletal (Ch. 35-37) med-surg II

View Set

Module 14 - Infancy and Childhood - Retrieval Practice & Review

View Set

Marketing Quiz (Ch. 12, 13, 14, 15)

View Set

Exam 3 Immune/Respiratory questions

View Set

Chapter 21 World History, Sec 2,3,4

View Set

Lean Six Sigma Green Belt - Week 1: Introduction to LSS

View Set

CCNA Introduction to Networks Chapter 10

View Set