Authentication and Account Management - Chapter 10
Common Access Card (CAC)
A Department of Defense (DoD) smart card used for identification for active-duty and reserve military personnel along with civilian employees and special contractors.
D. Common Access Card (CAC)
A __________ is a U.S. Department of Defense (DoD) smart card that is used for identification for active-duty and reserve military personnel. A. Personal Identity Verification (PIV) card B. Government Smart Card (GSC) C. Secure ID Card (SIDC) D. Common Access Card (CAC)
Smart Card
A card that contains an integrated circuit chip that can hold information used as part of the authentication process.
C. cost
A disadvantage of biometric readers is __________. A. speed B. size C. cost D. standards
Personal Identity Verification (PIV)
A government standard for smart cards that covers all government employees.
Trusted Operating System (Trusted OS)
A hardened operating system that can keep attackers from accessing and controlling critical parts of a computer system.
Brute Force Attack
A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched with those in a stolen password file.
Dictionary Attack
A password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file.
Hybrid Attack
A password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters.
Password
A secret combination of letters, numbers, and/or characters that only the user should know.
Token
A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication.
A. for as long as it appears on the device
A token code is valid ___________. A. for as long as it appears on the device B. for up to one hour C. only for the user who possesses the device D. if it is longer than eight characters
C. multifactor authentication system
A token system that requires the user to enter the code along with a PIN is called a __________. A. single-factor authentication system B. dual-prong verification system C. multifactor authentication system D. token-passing authentication system
D. trusted OS
An operating system that is designed to be secure by controlling critical parts of it to limit access from attackers and administrators is a __________. A. secure OS B. trustworthy OS C. managed OS D. trusted OS
Behavioral Biometrics
Authenticating a user by the normal actions that the user performs.
Cognitive Biometrics
Authenticating a user through the perception, thought process, and understanding of the user.
D. computer footprinting
Creating a pattern of when and from where a user accesses a remote Web account is an example of ___________. A. Time-Location Resource Monitoring (TLRM) B. keystroke dynamics C. cognitive biometrics D. computer footprinting
A. use a short password so the computer can process it more quickly
Each of the following is a step in creating a strong password except __________. A. use a short password so the computer can process it more quickly B. avoid using phonetic words C. do not use sequences D. do not use personal information
C. what you discover
Each of the following is a type of authentication credential except __________. A. what you have B. what you are C. what you discover D. what you know
D. behavioral
Keystroke dynamics is an example of ___________ biometrics. A. resource B. cognitive C. adaptive D. behavioral
Rainbow Tables
Large pregenerated data sets of encrypted passwords used in password attacks.
Standard Biometrics
Using fingerprints or other unique physical characteristics of a person's face, hands, or eyes for authentication.
Multifactor Authentication
Using more than one type of authentication credential.
C. single sign-on
Using one authentication credential to access multiple accounts or applications is __________. A. credentialization B. identification authentication C. single sign-on D. federal login
Single Sign-On (SSO)
Using one authentication credential to access multiple accounts or applications.
Single-Factor Authentication
Using one type of authentication credential.
C. an attack that slightly alters dictionary words
What is a hybrid attack? A. an attack that combines a dictionary attack with an online guessing attack B. a brute force attack that uses special tables C. an attack that slightly alters dictionary words D. an attack that uses both automated and user input
A. resetting
Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive? A. resetting B. capturing C. social engineering D. online guessing
B. weight
Which of the following human characteristics cannot be used for biometric identification? A. face B. weight C. fingerprint D. retina
A. operating systems by default use the principle of least privilege.
Which of the following is not a flaw in standard operating systems? A. operating systems by default use the principle of least privilege. B. operating systems are complex programs with millions of lines of code that make vulnerabilities extremely difficult to recognize C. operating systems do not isolate applications from each other, so one application that is compromised can impact the entire computer D. operating systems cannot create a trusted path between users and applications
D. most sites force users to create weak passwords although they do not want to
Which of the following is not a reason users create weak passwords? A. a lengthy and complex password can be difficult to memorize B. a security policy requires a password to be changed regularly C. having multiple passwords makes it hard to remember all of them D. most sites force users to create weak passwords although they do not want to
A. OAuth
Which single sign-on (SSO) technology depends on tokens? A. OAuth B. CardSpace C. OpenID D. All SSO technologies use tokens
A. computer footprinting
Which technique would prevent an attacker from China from logging into a user's account at 4:00 am? A. computer footprinting B. Open Authorization C. cognitive biometrics D. Internet throttling
D. it could result in denial of service (DoS) attacks
Why should the account lockout threshold not be set too low? A. it could decrease calls to the help desk B. because the network administrator would then have to manually reset the account C. so the user would not have to wait too long to have their password reset D. it could result in denial of service (DoS) attacks
D. cognitive
__________ biometrics is related to the perception, thought processes, and understanding of the user. A. Standard B. Intelligent C. Behavioral D. Cognitive
C. OpenID
___________ is a decentralized open source FIM that does not require specific software to be installed on the desktop. A. SSO Login Resource (SSO-LR) B. Windows CardSpace C. OpenID D. Windows Live ID