Quiz #5 Info Sec

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

TRUE

A trusted operating system (TOS) provides features that satisfy specific government requirements for security.

TRUE

Content-dependent access control requires the access control mechanism to look at the data to decide who should get to see it.

FALSE

DIAMETER is a research and development project funded by the European Commission.

TRUE

Fingerprints, palm prints, and retina scans are types of biometrics.

TRUE

Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used.

FALSE

Passphrases are less secure than passwords.

TRUE

Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords.

Separation of duties

Tomahawk industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?

FALSE

User-based permission levels limit a person to executing certain functions and often enforces mutual exclusivity.

Kerberos

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket granting servers (TGSs)?

Security Assertion Markup Language (SAML)

What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?

Crossover error rate (CER)

Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?

Redundant Array of Independent Disks (RAID)

Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?

Lower dependence on outside vendors

Which of the following is NOT a benefit of cloud computing to organizations?

TRUE

A Chinese wall security policy defines a barrier and develops a set of rules that makes sure no subject gets to objects on the other side.

Accountability

Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?

FALSE

Temporal isolation is commonly used in combination with rule-based access control.

FALSE

Terminal Access Controller Access Control System Plus (TACACS+) is an authentication server that uses client and user configuration files.

security kernel

The _________ is the central part of a computing environments hardware, software, and firmware that enforces access control.

FALSE

The four central components of access control are users, resources, actions, and features.

TRUE

A degausser creates a magnetic field that erases data from magnetic storage media.

FALSE

You should use easy-to-remember personal information to create secure passwords.

MAC Filtering

Which of the following is an example of a hardware security control?

Use at least six alphanumeric characters

Which one of the following is NOT a commonly accepted best practice for password security?

Password

Which one of the following is an example of a logical access control?

TRUE

A smart card is a token shaped like a credit card that contains one or more microprocessor chips that accept, store and send information through a reader.

Authorization

During which phase of the access control process does the system answer the question, "What can the requestor access?"

FALSE

The number of failed logon attempts that trigger an account action is called an audit logon event.

Smart card and personal identification number (PIN)

Which one of the following is an example of two-factor authentication?

Acceptability

Alan is evaluation different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?

FALSE

Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software.


संबंधित स्टडी सेट्स

Physics 1310 Exam 1- gregory spencer

View Set

Field Biology exam 4 chapters 12, & 15.

View Set