Scenario-Based Questions, Answers, and Explanations - Access Control

Which of the following provides strong authentication for centralized authentication servers when used with firewalls?

Tokens

The KPT Company is analyzing authentication alternatives. The company has 10,000 users in 10 locations with five different databases of users. The current authentication access controls are a mix of UNIX and Microsoft related tools. KPT priorities include security, cost, scalability, and transparency.

Use the following information to answer questions 1 through 9

Which one of the following is not an authentication mechanism?

What the user can do

Symbolic link (symlink) attacks do not exist on which of the operating systems?

Windows

Which of the following authentication types is most effective?

Continuous authentication

Which of the following user identification and authentication techniques depend on reference profiles or templates?

Biometric systems

Some security authorities believe that re-authentication of every transaction provides stronger security procedures. Which of the following security mechanisms is least efficient and least effective for re-authentication?

Recurring passwords

Which of the following does not provide robust authentication?

Reusable passwords

Individual accountability does not include which of the following?

Policies and procedures

What is the basis for a two-factor authentication mechanism?

Something you have and something you know