CIT 270 chapter 12 questions

What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file? a.) Space division b.) Brute force c.) Known ciphertext d.) Known plaintext

Brute force

_____ biometrics is related to the perception, thought processes, and understanding of the user. a.) Cognitive b.) Standard c.) Intelligent d.) Behavioral

Cognitive

Which type of biometrics is based on the perception, thought process, and understanding of the user? a.) Standard biometrics b.) Reactive biometrics c.) Cognitive biometrics d.) Affective biometrics

Cognitive biometrics

How is key stretching effective in resisting password attacks? a.) It takes more time to generate candidate password digests. b.) It requires the use of GPUs. c.) It does not require the use of salts. d.) The license fees are very expensive to purchase and use it.

It takes more time to generate candidate password digests.

Why would an administrator resort to key stretching algorithms as opposed to general-purpose algorithms such as MD5? a.) Key stretching algorithms use multiple general-purpose algorithms b.) Key stretching algorithms are immune to rainbow tables c.) Key stretching algorithms are slower d.) General-purpose algorithms do not use salt

Key stretching algorithms are slower

Which of these algorithms is the weakest for creating password digests? a.) SHA-1 b.) MD-5 c.) LM (LAN Manager) hash d.) NTLM (New Technology LAN Manager) hash

LM (LAN Manager) hash

Which of these is NOT a reason why users create weak passwords? a.) A lengthy and complex password can be difficult to memorize. b.) A security policy requires a password to be changed regularly. c.) Having multiple passwords makes it hard to remember all of them. d.) Most sites force users to create weak passwords even though they do not want to.

Most sites force users to create weak passwords even though they do not want to.

What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site? a.) OpenAuth b.) OAuth c.) SAML d.) Kerberos

OAuth

Which single sign-on (SSO) technology depends on tokens? a.) OAuth b.) CardSpace c.) OpenID d.) All SSO technologies use tokens.

OAuth

Which of these is a decentralized open-source FIM that does not require specific software to be installed on the desktop? a.) Windows Live ID b.) SSO Login Resource (SSO-LR) c.) Windows CardSpace d.) OpenID

OpenID

What does Open Authorization rely on to function and share resources across sites? a.) Identification management b.) Username and password c.) Token credentials d.) Token identification objects

Token credentials

Which of these is NOT a characteristic of a weak password? a.) a common dictionary word b.) a long password c.) using personal information d.) using a predictable sequence of characters

a long password

What is a hybrid attack? a.) an attack that uses both automated and user input b.) an attack that combines a dictionary attack with an online guessing attack c.) a brute force attack that uses special tables d.) an attack that slightly alters dictionary words

an attack that slightly alters dictionary words

Keystroke dynamics is an example of which type of biometrics? a.) behavioral b.) resource c.) cognitive d.) adaptive

behavioral

What is a disadvantage of biometric readers? a.) cost b.) speed c.) size d.) standards

cost

A TOTP token code is valid _____. a.) for as long as it appears on the device b.) for up to 24 hours c.) only while the user presses SEND d.) until an event occurs

for as long as it appears on the device

Creating a pattern of where a user accesses a remote web account is an example of _____. a.) geolocation b.) Time-Location Resource Monitoring (TLRM) c.) keystroke dynamics d.) cognitive biometrics

geolocation

What is the center of the weakness of passwords? a.) human memory b.) encryption technology c.) handshake technology d.) human reliability

human memory

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters? a.) brute force b.) hash replay c.) network replay d.) hybrid

hybrid

What is a token system that requires the user to enter the code along with a PIN called? a.) single-factor authentication system b.) token-passing authentication system c.) dual-prong verification system d.) multifactor authentication system

multifactor authentication system

A secret combination of letters, numbers, and/or characters that only the user should have knowledge of is known as a: a.) token b.) password c.) biometric detail d.) challenge

password

Which attack is an attempt to compare a known digest to an unknown digest? a.) pre-image attack b.) birthday attack c.) configuration attack d.) SNIP attack

pre-image attack

Which of these is a U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel? a.) Personal Identity Verification (PIV) card b.) Common Access Card (CAC) c.) Government Smart Card (GSC) d.) Secure ID Card (SIDC)

Common Access Card (CAC)

How is an HMAC-based OTP different from a TOTP? a.) HMAC OTPs require PIN code usage b.) HMAC requires an event to change values c.) HMAC values change over a specific length of time d.) HMAC OTPs are not considered tokens

HMAC requires an event to change values

Which one-time password is event-driven? a.) HOTP b.) TOTP c.) ROTP d.) POTP

HOTP

Why should the account lockout threshold not be set too low? a.) It could decrease calls to the help desk. b.) The network administrator would have to reset the account manually. c.) The user would not have to wait too long to have her password reset. d.) It could result in denial of service (DoS) attacks.

It could result in denial of service (DoS) attacks.

Which hashing algorithm below is used with NTLMv2's Hashed Message Authentication Code? a.) SHA-1 b.) SHA-256 c.) MD4 d.) MD5

MD5

Using one authentication credential to access multiple accounts or applications is known as _____. a.) credentialization b.) identification authentication c.) single sign-on d.) federal login

single sign-on

Which human characteristic is NOT used for biometric identification? a.) retina b.) face c.) weight d.) fingerprint

weight

Which authentication factor is based on a unique talent that a user possesses? a.) what you have b.) what you are c.) what you do d.) what you know

what you do

