PE - 9
Examples of MFA attributes include: (Select all that apply) USB token Retina scan Handwritten signature Gait analysis GPS reading PIN Chain of trust
- Handwritten signature - Gait analysis - GPS reading - Chain of trust
Which of the following are examples of hardware authentication tokens? (Select 3 answers) Key fob Cable lock Passphrase Biometric reader RFID badge Smart card
- Key fob - Biometric reader - RFID
Which of the following answers describe the features of TOTP? (Select 3 answers) - Vulnerable to replay attacks - Based on a cryptographic hash function and a secret cryptographic key - Valid for multiple login sessions - Based on a shared secret key and current time - Not vulnerable to replay attacks - Valid for only one login session
- Not vulnerable to replay attacks - Valid for only one login session - Based on a shared secret key and current time
Which of the following fall into the category of MFA factors? (Select 3 answers) GPS reading Handwritten signature PIN Chain of trust USB token Gait analysis Retina scan
- PIN - USB token - Retina scan
Hardware RAID Level 0: (Select all that apply) - Requires a minimum of 2 drives to implement - Is also known as disk striping - Decreases reliability (failure of any disk in the array destroys the entire array) - Is also referred to as disk mirroring - Offers less volume capacity in comparison to RAID 1 - Requires at least 3 drives to implement - Is suitable for systems where performance has higher priority than fault tolerance - Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains identical copy of the data)
- Requires a minimum of 2 drives to implement - Is also known as disk striping - Decreases reliability (failure of any disk in the array destroys the entire array) - Is suitable for systems where performance has higher priority than fault tolerance
Examples of static authentication methods include: (Select 2 answers) Token generator User-generated password Short Message Service (SMS) Personal Identification Number (PIN) Push notification
- User-generated password - Personal Identification Number (PIN)
Which of the following answers refer to the characteristics of HOTP? (Select 3 answers) - Valid for only one login session - Based on a shared secret key and current time - Vulnerable to replay attacks - Based on a cryptographic hash function and a secret cryptographic key - Valid for multiple login sessions - Not vulnerable to replay attacks
- Valid for only one login session - Based on a cryptographic hash function and a secret cryptographic key - Not vulnerable to replay attacks
In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called: Authentication Authorization Accounting
Accounting
A type of hierarchical database structure used in Windows Server environments that enables centralized management of users, devices and resources on a network is known as: HomeGroup Active Directory (AD) Workgroup Windows domain
Active Directory (AD)
Which of the following does not have an application in the authentication process? One-time passwords SMS messages Hardware / Software tokens Static codes Push notifications Phones All of the above can be used in the authentication process
All of the above can be used in the authentication process
Which of the following is not used in the process of biometric authentication? Fingerprint scan Voice recognition Vein analysis Retina / Iris scan Face recognition Gait analysis All of the above can be used in the biometric authentication process
All of the above can be used in the biometric authentication process
Which part of the AAA security architecture deals with the verification of the identity of a person or process? Authentication Authorization Accounting
Authentication
Which of the following is an example of a soft authentication token? USB token Authenticator app Smart card Key fob
Authenticator app
Which of the answers listed below refers to the process of granting or denying access to resources? Authentication Authorization Accounting
Authorization
Which of the answers listed below refers to a type of metric used for evaluation of a biometric security system's accuracy? FRR CRC FAR CER
CER
A measure of the likelihood that a biometric security system will incorrectly accept an access attempt by an unauthorized user is known as: CRC FAR CER FRR
FAR
A measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user is referred to as: FAR CER CRC FRR
FRR
An authentication subsystem in which a single set of authentication credentials provides access to multiple systems across different organizations is called: AAA framework Multi-factor authentication Group-based access control Federation
Federation
Which of the following examples meets the requirement of multifactor authentication? Password and biometric scan Username and PIN Smart card and ID badge Voice recognition and fingerprint scan
Password and biometric scan
Which of the following RAID levels does not offer fault tolerance? RAID 6 RAID 10 RAID 5 RAID 0 RAID 1
RAID 0
A dedicated data storage solution that combines multiple disk drive components into a single logical unit to increase volume size, performance, or reliability is referred to as: - Storage Area Network (SAN) - Load balancer - Redundant Array of Independent Disks (RAID) - Network-Attached Storage (NAS)
Redundant Array of Independent Disks (RAID)
Which of the following answers refers to an example implementation of certificate-based authentication? Smart card ID badge PIN code Biometric lock
Smart card
An authenticator application is a software that generates additional authentication token (in the form of a random code) used in multi-step verification process. True False
True
Authentication process can be based on various categories of authentication factors and attributes. Authentication factors include unique physical traits of each individual such as fingerprints ("something you are"), physical tokens such as smart cards ("something you have"), or usernames and passwords ("something you know"). The categories of authentication attributes include geolocation ("somewhere you are"), user-specific activity patterns, such as keyboard typing style ("something you can do"), revealing something about an individual, e.g. wearing an ID badge ("something you exhibit"), or proving the relation with a trusted third party ("someone you know"). Multifactor authentication systems require implementation of authentication factors from two or more distinct categories. True False
True
In computer security, the term "Biometrics" refers to physical characteristics of the human body that can be used for identification and access control purposes. True False
True
