2.4 Summarize authentication and authorization design concepts
Fingerprint scanning is one of the most straightforward methods of biometric identification. Which of these concerns are most pertinent to the use of this technology? (Select all that apply.)
* Ease of spoofing *Surfaces must be clean and dry
Multifactor authentication can be executed in many different ways. Which of the following company policies engage multifactor authentication? (Select all that apply
*Authenticate to the server using username, password, and security key fob token. If a security token is lost, it must be immediately reported to the security manager. *Upon entering building C, all personnel must present their common access card (CAC) to the security officer for scanning against the biometric identity database. At each work terminal, the CAC must be inserted into a valid card reader and the user must present a PIN.
Which of the following metrics should be considered when determining efficacy rates of biometric pattern suitability? (Select all that apply.)
*FRR *CER *FAR
Why must token devices to be closely synchronized with the authentication server? (Select all that apply.)
*Setting a time limit for the code helps ensure it is not used by an unauthorized user should a token-bearing device be lost. *One-Time Passwords (OTP) often contain a timestamp that expires quickly if not used *.Synchronizing the systems allow for accurate accounting and auditing of when systems are accessed and by what means.
Analyze and apply the strengths and weaknesses of location-based authentication to conclude which is the most ideal deployment for employee remote access anywhere in a country.
Activating location-based technology to operate a Virtual Private Network (VPN) gateway to restrict access to users from foreign countries
Which of the following implementations best employs the advantages of location-based authentication, while minimizing its disadvantages?
Activating location-based technology to operate a Virtual Private Network (VPN) gateway to restrict access to users from foreign countries
A security team added iris scanners to two access control points in a secure facility. They are in the process of making adjustments to optimize the system. Which metric are they fine-tuning
Crossover Error Rate (CER)
The security team for a large company performed a risk assessment and identified three main entry points for biometric scanner installation. They install an iris scanner and are engaged in fine-tuning the system. Which metric is the security team currently adjusting?
Crossover Error Rate (CER)
An application uses the distinguished name (DN) as a unique identifier for user authentication for access to a system. The DN is used to determine the user's role as Admin, SysAdmin, or Planner. Which of the following management access processes is the application using?
Directory services
An employee can authenticate to any client on the network and have shared files available for viewing. What function will provide this capability?
Directory services
An employee logs into the network with credentials, and then the network provides an access key. This key accesses network resources, such as shared files and printers, which the employee uses to complete tasks. Based on this scenario, what does the employee utilize?
Directory services
An organization implements Directory Services as a management access control. Which of the following attributes will be used for authentication and role identification?
Distinguished name
When considering installing a biometric recognition system in a company facility, which of the following considerations is least relevant to managing traffic control?
False negative rate or false rejection rate (FRR)
A camera is placed at the entrance to the server room to allow entry based upon an individual's unique walking style. This is which of the following behavioral biometric pattern recognitions?
Gait Analysis
Which of the following provides two-factor authentication?
Inserting a Common Access Card (CAC) and entering a PIN
A large organization is looking for a quick, effective biometric scanning technique that will support heavy traffic at one of their main facilities. Consider the advantages and disadvantages of various biometric scanners to determine which would best meet the organization's needs.
Iris scanners
A large, metropolitan airport employs hundreds of workers daily. The facility managers have been tasked with increasing security checks for employees entering airport terminals, while maintaining a quick processing time of employee credentials. Analyze the scenario and determine which biometric scanning procedure best meets the airport's needs.
Iris scanners
Historically, signatures have been used to prove the identity of a document's signer. In order to make forging attempts less successful, which added layer of security is provided by signature recognition technology?
Pressure and stroke sensitivity
An authentication application automatically sends a message to a user attempting to gain access to a company application. The message asks the user to re-enter credentials and a one time code. Which of the following authentication types does this best represent?
Push notification
An organization deployed an application for team collaboration to overcome telework challenges. A user must enter their organizational email and a password at initial setup. To gain access to the application, the user must install Google Authenticator on their mobile device. The authentication service provides a random sequence of numbers to the user to complete the authentication process. Which two-factor authentication does this best represent?
Push notification
Differentiate between retinal and iris scanners.
Retinal scans are complex and intrusive, yet highly accurate, using infrared (IR) light to perform blood vessel pattern analysis.
What is a push notification?
Store services that an app or website can use to display an alert on a mobile device
What major advantage does Time-Based One-Time Password Algorithm (TOTP) have over HMAC-Based One-Time Password Algorithm (HOTP)?
TOTP adds an expiration time to the token
A vein matching scanner uses an infrared light source and camera to distinguish a unique pattern of blood vessels in an employee's palm for identification purposes. Which of the following does this BEST describe?
Vascular Biometrics
