CyberSecurity 7
Which of the following is NOT true about OTPs?
. They are displayed on security keys.
Which access control scheme uses flexible policies that can combine attributes?
a. ABAC
How is key stretching effective in resisting password attacks?
a. It takes more time to generate candidate password digests.
Imka has been asked to recommend a federation system technology that is an open source federation framework and can support the development of authorization protocols. Which of these technologies would she recommend?
a. OAuth
Which of the following is an authentication credential used to access multiple accounts or applications?
a. SSO
Which of the following would a threat actor use last in attacks on a password digest?
a. brute force attack
What type of biometrics is related to the perception, thought processes, and understanding of the user?
a. cognitive biometrics
After a recent security breach, Lerato is investigating how the breach occurred. After examining log files, she discovered that the threat actor had used the same password on several different user accounts. What kind of attack was this?
a. password spraying attack
How is SAML used?
b. It allows secure web domains to exchange user authentication and authorization data.
Which of the following is NOT true about a rule attack?
b. Rule attacks are considered low-outcome attacks.
Which of the following elements is NOT true about passwords?
b. The most effective passwords are short but complex.
Which of the following is NOT true about password expiration?
c. It should be set to at least one day.
Which of the following is the least secure method for sending an authentication code?
c. SMS text
Why are dictionary attacks successful?
c. Users often create passwords from dictionary words.
Mpho has been asked to look into security keys that have a feature of a key pair that is "burned" into the security key during manufacturing time and is specific to a device model. What feature is this?
c. attestation
Amahle is researching elements that can prove authenticity. Which of the following is based on unique biological characteristics?
c. something you are
Noxolo is researching human characteristics for biometric identification. Which of the following would she not find used for biometric identification?
c. weight
Which of the following is NOT true about LDAP?
d. It cannot be used with SSO.
Which of these is NOT a key stretching algorithm?
d. MD5
Kholwa is explaining to her colleague how a password cracker works. Which of the following is a true statement about password crackers?
d. Password crackers differ as to how candidates are created.