ITN-262 Midterm (Chapters 4, 6) Review
We need to create a three-factor authentication system. The system already uses a USB device that is unlocked with the user's fingerprint. Which of the following can we add to implement three separate factors?
A PIN entered via a built-in PIN pad
Something you are - is?
A biometric measurement
Bob lives at home during the summer. His little brother, Tom, is fascinated by computers and with everything his big brother does. Tom loves to watch Bob log in to his summer job's remote site and do things. Tom often goes into Bob's room and looks through his things. Given this, which authentication technique—by itself—resists the risk of Tom masquerading as Bob?
A memorized, hard-to-guess password
Which of the following most effectively resists a trial-and-error guessing attack? All sizes are in terms of decimal digits.
A passive authentication token with a 9-digit base secret
We need to create a three-factor authentication system. The system already requires the user's fingerprint and memorized password. Which of the following can we add to implement three separate factors?
A procedure that requires the user's cell phone
Which of the following is a list of access rights for each file, where each entry identifies a specific user and contains a list of access rights granted to that user?
Access control list (ACL)
Something you have - is?
An object containing a base secret, like the magnetic stripe on a cash card
What does authentication do?
Associates an individual with an identity
Apple's OS-X implements a "padlock" control on critical system settings. A user must provide administrative login credentials in order to unlock the lock and access the settings. Which of the following are true? Select all that apply.
It allows a non-administrative user with proper rights to perform an administrative action / It applies Least Privilege by limiting the effects of an approved administrative operation. / It is similar to Windows UAC because it unlocks a single function or application.
Bob and Alice are typical users who share a computer. Which of the following are true of a user isolation policy? Assume no tailoring takes place. Select all that apply.
Bob can create, read, and modify his own files.
Bob and Alice are typical users who share a computer. The computer has an isolation policy, but Bob and Alice have implemented a tailored policy for shared reading. Which of the following are true? Select all that apply.
Bob can create, read, and modify his own files. / Bob and Alice can read particular files that others can't read.
Bob and Alice are typical users who share a computer. The computer has a file sharing policy, but Bob and Alice have implemented a tailored policy for shared updating. Which of the following are true?
Bob can create, read, and modify his own files. / Bob and Alice can share particular files (read and write) that others can't read. / Bob can read typical files that Alice creates.
Bob and Alice are typical users who share a computer. Which of the following are true of a file sharing policy? Assume no tailoring takes place. Select all that apply.
Bob can read Alice's files. / Bob can create, read, and modify his own files.
Kevin wants to attack Bob's computing resources. He is motivated at the "stealth" level. Which of the following attacks might Bob face? Select all that apply.
Borrow Bob's one-time password token / Search for written copies of Bob's passwords
The average attack space estimates the number of guesses required before success is ________.
Likely
Something you know - is?
Memorized information like a password
Why do event logs record both normal and abnormal activities? Select all that apply.
Normal activities help track side effects of abnormal activities / An activity may look normal when it occurs and abnormal when analyzed in context with other activities
There are three types of tokens; which of the following is not a correct type?
Offensive tokens
The person who owns the folder, who has full rights to read, modify, or delete anything in the folder, has which of the following?
Owner rights
Users with which of the following can both read and write files in the folder? Select all that apply.
Owner rights / Read/write rights
Which of the following are the primary file-access rights in Unix? Select all that apply.
Read / Write / Execute
Users with the right to read files in the folder have which of the following? Select all that apply.
Read/write rights / Owner rights / Reader rights
In a password system, the total number of possible passwords is called the:
Search space
A primary use of event logs is to:
Serve as an audit trail.
Are base secrets the same as credentials?
Some base secrets are also credentials, while others are not.
Here is a list of features of various authentication tokens. Indicate all that are true for one-time password tokens.
Some tokens use a built-in clock to generate nonces. / Some tokens use a built-in counter to generate nonces. / The token contains a base secret.
The following are fundamental strategies for authenticating people on computer systems, except:
Something you make
We are trying to protect a household computer. We have implemented password-based authentication to protect sensitive data. Which levels of attacker motivation can this authentication typically protect against in this situation? Select all that apply.
Stealth motivation / Scant motivation / No motivation
A group member who is not the file's owner accesses a file - will?
System applies the group rights
The file's owner accesses a file - will?
System applies the owner rights
A user who is neither the owner nor a group member accesses a file - will?
System applies the world rights
The root user accesses a file - will?
System grants full access to file
People who interpret event logs do not like administrators to use privileged accounts with a fixed name, like "root." Which of the following is the best explanation for this?
The "root" user ID is shared by many people; the event log can't easily tell which user really performed a logged action
In Windows 10, the basic file-sharing permission level that grants users the right to read, modify, or delete a file they don't own is:
Co-owner
The security framework that replaced the U.S. DOD Orange Book is called:
Common Criteria
Select the controls from the list below that can implement a tailored access policy.
Control of user group-based access rights / Access control lists
An attack that blocks access to a system by other users is called:
Denial of service
Permission flags used in Unix to protect folders are called:
Directories
True or False? Average attack space measures the time until success is certain.
False
True or False? Biometrics and tokens are a good choice for a household environment.
False
True or False? Biometrics are a favored form of authentication, as they are immune to sniffing attacks.
False
True or False? Biometrics have a fault tolerance of 0.
False
True or False? Both Windows and Unix include permission flags in their file security mechanisms.
False
True or False? Entropy refers to the strength of a password system.
False
True or False? Offline attacks are easily detected.
False
True or False? Passive tokens are favored, as they are immune to sniffing attacks.
False
True or False? SHA-1024 is the latest hash algorithm.
False
True or False? True randomness is easily achieved with the random function of an application like Excel.
False
True or False? Two-factor authentication is using two passwords.
False
True or False? USB tokens are weak because if the public key becomes lost or stolen, the private key can be derived from it.
False
True or False? Using a personal computer with full admin rights enables the user to minimize security threats.
False
True or False? When selecting a password, random collections of letters contain far less entropy than written words.
False
True or False? When you are biased in selecting a password, you choose your password from the entire search space.
False
True or False? Your fingerprint is a "something you have" factor.
False
Challenge-response token - is?
Transmits credentials that vary according to an unpredictable challenge from the computer
One-time password token - is?
Transmits different credentials based on an internal clock or counter
Passive token - is?
Transmits the same credential every time
What are the risks of routinely logging into a system as "root" or some other administrative identity?
Files could be erased. / Files could be altered. / Exposing the system to a virus or malicious website
Unix implements three file-access rights (read, write, and execute/search) for which identities?
Group / World / Owner
__________ define a user group, which serves as another set of users for whom we specify access rights.
Group rights
The law that establishes security measures that must be taken on health-related information is:
HIPAA
An extreme threat is _________ motivated and is _________ to leave evidence.
Highly, Willing
True or False? A strong threat is willing to spend money, but not willing to leave evidence.
True
True or False? ACL implementation in Microsoft Windows provides flexible and sophisticated inheritance. Files and folders automatically inherit changes made to an enclosing folder's access rights.
True
True or False? Authentication associates an individual with an identity.
True
In a password system, increasing the work factor results in which of the following? Select all that apply.
Increases the length of the password / Increases the size of the character set from which users choose passwords
Which of the following is a formal review of the system's integrity and of the data it maintains regarding the organization's business?
Information systems audit
True or False? Dictionary attacks differ from trial and error attacks because dictionary attacks focus on likely passwords.
True
True or False? If the "root" user accesses a file, the system grants full access.
True
True or False? Keyloggers can be hardware or software based.
True
True or False? Low-hanging fruit refers to the easiest targets in an attack.
True
True or False? Mac OS-X allows you to add ACL entries for groups as well as users.
True
True or False? Never choose a password with a strong personal association.
True
True or False? PCI DSS is a set of standards, not a law, that applies to merchants who handle customer credit card information.
True
True or False? Regarding access permissions in Windows, the owner of a shared folder may read, modify, and delete other users' files.
True
True or False? Some operating systems provide ways of temporarily granting administrative rights to people logged in to regular accounts.
True
True or False? The one-way hash is a cryptographic function.
True
True or False? When an attacker is attacking a password system, the average attack space estimates the number of guesses required before success is likely.
True
True or False? When the fault tolerance goes up, so do the false positives.
True
True or False? Windows does not deny an access right by omitting it, but it allows you to explicitly deny a right.
True
An authentication system that requires the user to provide two different passwords and a fingerprint scan is an example of:
Two-factor authentication
Biometric scanners are often connected by ________; this poses a security risk, as sniffed credentials can be fed down this line.
USB
Below is a list of different access right settings. We want to implement shared update of certain files between Bob and Alice, but with no one else. Which of the following settings achieve this? Select all that apply.
Use Windows basic file sharing and make Bob and Alice co-owners of the files. / Put Bob and Alice in a user group, and give the group RWX access to the shared files.
Which of the following authentication techniques are vulnerable to sniffing attacks that replay the sniffed credential? Select all that apply.
Biometric readers / Passive tokens / Passwords
chown?
Changes the identity of a file's owner
chgrp?
Changes the identity of the group associated with a file
chmod?
Changes the rights granted to the owner, group, or rest of the world for a file
Unix users have several commands. Which of the following commands is short for the command "Change group"?
Chgrp
Passed in 2002, __________ requires U.S. government agencies to implement agency-wide information security programs.
FISMA (Federal Information Security Management Act)
What is the principle behind Microsoft's operating systems using a UAC (user account control)?
Provide temporary admin privileges