CYSE 300 Module 5 Quiz

Which security model does NOT protect the integrity of information?

Bell-LaPadula

What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?

Security Assertion Markup Language (SAML)

Which one of the following principles is NOT a component of the Biba integrity model?

Subjects cannot change objects that have a lower integrity level.

Which one of the following is NOT a commonly accepted best practice for password security?

Use at least six alphanumeric characters.

Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?

crossover error rate (CER)

The four central components of access control are users, resources, actions, and features.

false

You should use easy-to-remember personal information to create secure passwords.

false

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?

kerberos

Which of the following is NOT a benefit of cloud computing to organizations?

lower dependence on outside vendors

Which type of authentication includes smart cards?

ownership

Which one of the following is an example of two-factor authentication?

smart card and Personal identification number (PIN)

A dictionary attack works by hashing all the words in a dictionary and then comparing the hashed value with the system password file to discover a match.

true

A trusted operating system (TOS) provides features that satisfy specific government requirements for security.

true

An example of a threat to access control is in a peer-to-peer (P2P) arrangement in which users share their My Documents folder with each other by accident.

true

Common methods used to identify a user to a system include username, smart card, and biometrics.

true

Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used.

true

Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords.

true

The number of failed logon attempts that trigger an account action is called an audit logon event.

false

Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software.

false

Which of the following is an example of a hardware security control?

MAC filtering