CYSE 300 Module 5 Quiz
Which security model does NOT protect the integrity of information?
Bell-LaPadula
What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?
Security Assertion Markup Language (SAML)
Which one of the following principles is NOT a component of the Biba integrity model?
Subjects cannot change objects that have a lower integrity level.
Which one of the following is NOT a commonly accepted best practice for password security?
Use at least six alphanumeric characters.
Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?
crossover error rate (CER)
The four central components of access control are users, resources, actions, and features.
false
You should use easy-to-remember personal information to create secure passwords.
false
What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?
kerberos
Which of the following is NOT a benefit of cloud computing to organizations?
lower dependence on outside vendors
Which type of authentication includes smart cards?
ownership
Which one of the following is an example of two-factor authentication?
smart card and Personal identification number (PIN)
A dictionary attack works by hashing all the words in a dictionary and then comparing the hashed value with the system password file to discover a match.
true
A trusted operating system (TOS) provides features that satisfy specific government requirements for security.
true
An example of a threat to access control is in a peer-to-peer (P2P) arrangement in which users share their My Documents folder with each other by accident.
true
Common methods used to identify a user to a system include username, smart card, and biometrics.
true
Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used.
true
Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords.
true
The number of failed logon attempts that trigger an account action is called an audit logon event.
false
Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software.
false
Which of the following is an example of a hardware security control?
MAC filtering