Security policies chapter 5
Which characteristic of a bio-metric system measures the system's accuracy using a balance of different error types?
Crossover error rate (CER)
Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software.
False
You should use easy-to-remember personal information to create secure passwords.
False
Which type of authentication includes smart cards?
Ownership
Which one of the following is an example of a logical access control?
Password
The __________ is the central part of a computing environment's hardware,software, and firmware that enforces access control.
Security Kernel
Which one of the following is an example of two-factor authentication?
Smart card and PIN
A smart card is a token shaped like a credit card that contains one or more microprocessor chips that accept, store, and send information through a reader.
True
A trusted operating system (TOS) provides features that satisfy specific government requirements for security
True
Which of the following is not a commonly accepted best practice for password security?
Use at least six alphanumeric characters
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?
Accountability
During which phase of the access control process does the system answer the question, "What can the requester access?"
Authorization
The four central components of access control are users, resources, actions, and features.
False
The number of failed logon attempts that trigger an account action is called an audit logon event.
False
Fingerprints, palm prints, and retina scans are types of biometrics
True
Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?
Acceptability
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?
Brute-force attack
Passphrases are less secure than passwords.
False
A dictionary attack works by hashing all the words in a dictionary and then comparing the hashed value with the system password file to discover a match.
True
Common methods used to identify a user to a system include username, smart card, and biometrics
True
