CHAPTER 6 QUIZ INFOSEC

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

True or False? An authentication, authorization, and accounting (AAA) server, such as Remote Authentication Dial-In User Service (RADIUS), is a type of decentralized access control.

False

True or False? Authentication by characteristics/biometrics is based on something you have, such as a smart card, a key, a badge, or either a synchronous or asynchronous token.

False

True or False? In mandatory access control (MAC), access rules are closely managed by the security administrator and not by the system owner or ordinary users for their own files.

False

True or False? Passphrases are less secure than passwords.

False

True or False? The four central components of access control are users, resources, actions, and features.

False

True or False? The number of failed logon attempts that trigger an account action is called an audit logon event.

False

True or False? Voice pattern biometrics are accurate for authentication because voices cannot easily be replicated by computer software. You Answered True

False

Anya is a cybersecurity engineer for a high-secrecy government installation. She is configuring biometric security that will either admit or deny entry using facial recognition software. Biometric devices have error rates and certain types of accuracy errors that are more easily tolerated depending on need. In this circumstance, which error rate is she likely to allow to be relatively high?

False rejection rate (FRR)

Devaki is evaluating different biometric systems. She understands that users might not want to subject themselves to retinal scans due to privacy concerns. Which concern of a biometric system is she considering?

Acceptability

Jackson is a cybercriminal. He is attempting to keep groups of a company's high-level users from accessing their work network accounts by abusing a policy designed to protect employee accounts. Jackson attempts to log in to their work accounts repeatedly using false passwords. What security method is he taking advantage of?

Account lockout policies

Which type of authentication includes smart cards?

Ownership

Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?

Separation of duties

What is an example of two-factor authentication (2FA)?

Smart card and personal identification number (PIN)

Which of the following principles is not a component of the Biba integrity model?

Subjects cannot change objects that have a lower integrity level.

True or False? A degausser creates a magnetic field that erases data from magnetic storage media

True

True or False? Authentication by action is based on something you do, such as typing.

True

True or False? Authentication by knowledge is based on something the user knows, such as a password, passphrase, or personal identification number (PIN).

True

True or False? Common methods used to identify a user to a system include username, smart card, and biometrics.

True

True or False? Content-dependent access control requires the access control mechanism to look at the data to decide who should get to see it

True

True or False? If a company informs employees that email sent over the company's network is monitored, the employees can no longer claim to have an expectation of privacy.

True

True or False? Log files are one way to prove accountability on a system or network.

True

True or False? Physically disabled users might have difficulty with biometric system accessibility, specifically with performance-based biometrics.

True

True or False? Single sign-on (SSO) can provide for greater security because with only one password to remember, users are generally willing to use stronger passwords.

True

Wen is a network engineer. For several months, he has been designing a system of controls to allow and restrict access to network assets based on various methods and information. He is currently configuring the authentication method. What does this method do?

Verifies that requestors are who they claim to be

Which of the following is the point at which two error rates of a biometric system are equal and is the measure of the system's accuracy expressed as a percentage?

Crossover error rate (CER)

True or False? A smart card is an example of a logical access control.

False

Keisha is a network administrator. She wants a cloud-based service that will allow her to load operating systems on virtual machines and manage them as if they were local servers. What service is Keisha looking for?

Infrastructure as a Service (IaaS)

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?

Kerberos

What is an example of a logical access control?

Password

An automatic teller machine (ATM) uses a form of constrained user interface to limit the user's ability to access resources in the system. Specifically for ATMs, which method is being used?

Physically constrained user interfaces

The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.

security kernel

Which security model does not protect the integrity of information?

Bell-LaPadula

True or False? Kerberos is an example of a biometric method.

False

A company's IT manager has advised the business's executives to use a method of decentralized access control rather than centralized to avoid creating a single point of failure. She selects a common protocol that hashes passwords with a one-time challenge number to defeat eavesdropping-based replay attacks. What is this protocol? Kerberos

Challenge-Handshake Authentication Protocol (CHAP)

True or False? A Chinese wall security policy defines a barrier and develops a set of rules to ensure that no subject gets to objects on the other side.

True

True or False? Temporal isolation is commonly used in combination with rule-based access control.

False

Which type of password attack is used on weak passwords and compares a hashed value of the passwords to the system password file to find a match?

Dictionary attack

Arturo is a network engineer. He wants to implement an access control system in which the owner of the resource decides who can change permissions, and permission levels can be granted to specific users, groups of people in the same or similar job roles, or by project. Which of the following should Arturo choose?

Discretionary access control (DAC

Maria is using accounting software to compile sensitive financial information. She receives a phone call and then momentarily leaves her desk. While she's gone, Bill walks past her cubicle and sees that she has not locked her desktop and left data exposed. Bill uses his smartphone to take several photos of this data with the intent of selling it to the company's competitor. What access control compromise is taking place?

Eavesdropping by observation

Lincoln is a network security specialist. He is updating the password policy for his company's computing infrastructure. His primary method of improving password policy involves lowering the chance that an attacker can compromise and use the password before it expires. What does he do?

Enables a 30-day password change policy


Ensembles d'études connexes

Module 8 market segmentation (Entrep)

View Set

Ch 51: Nursing Care of a Family when a Child has a Musculoskeletal Disorder

View Set

DGP; I shall not give you any advice Harriet

View Set