6.2 Authentication
Which of the following are examples of Something You Have authentication controls? (Select two.) - Handwriting analysis - Cognitive question - Smart card - Photo ID - Voice recognition - PIN
- Smart card - Photo ID
Match the authentication factor types on the left with the appropriate authentication factor on the right. Each authentication factor type may be used more than once. - PIN - Smart card - Password - Retina scan - Fingerprint scan - Hardware token - Passphrase - Voice recognition - Wi-Fi triangulation - Typing behaviors
- Something You Know - Something You Have - Something You Know - Something You Are - Something You Are - Something You Have - Something You Know - Something You Are - Somewhere You Are - Something You Do
Which of the following are disadvantages of biometrics? (Select two.) - When used alone, they are no more secure than a strong password. - They have the potential to produce numerous false negatives. - Biometric factors for identical twins are the same. - They can be circumvented using a brute force attack. - They require time synchronization.
- When used alone, they are no more secure than a strong password. - They have the potential to produce numerous false negatives.
What is the MOST important aspect of a biometric device? - Enrollment time - Throughput - Size of the reference profile - Accuracy
Accuracy
False negative
An error that occurs when a person who should be allowed access is denied access.
False positive
An error that occurs when a person who should be denied access is allowed access.
Identification
The initial process of confirming the identity of a user requesting credentials. This occurs when a user enters a user ID at logon.
Processing rate
The number of subjects or authentication attempts that can be validated.
Crossover error rate
The point at which the number of false positives matches the number of false negatives in a biometric system.
Which of the following defines the crossover error rate for evaluating biometric systems? - The number of subjects or authentication attempts that can be validated. - The rate of people who are denied access when they should be allowed access. - The rate of people who are given access when they should be denied access. - The point where the number of false positives matches the number of false negatives in a biometric system.
The point where the number of false positives matches the number of false negatives in a biometric system.
Authentication
The verification of the issued identification credentials. It is usually the second step in the identification process and establishes that you are who you say you are.
Which of the following identification and authentication factors are often well known or easily discovered by others on the same network or system? - Biometric reference profile - PGP secret key - Password - Username
Username
What is multi-factor authentication?
Using two or more types/factors of authentication. e.g. Smart Card and Pin. Or Biometrics and Token key fob.
Multifactor authentication
A method of confirming identity by using two or more pieces of evidence (or factors) to an authentication mechanism.
A smart card can be used to store all but which of the following items? - Identification codes - Cryptography keys - Biometric template original - Digital signature
Biometric template original
What is an example of the "something you are" authentication type?
Biometric System such as an eye or fingerprint.
Which of the following is a password that relates to things that people know, such as a mother's maiden name or a pet's name? - Cognitive - One-time - Passphrase - Dynamic
Cognitive
Which of the following terms is used to describe an event in which a person who should be allowed access is denied access to a system? - Error rate - False positive - False negative - False acceptance
False negative
Which physical attributes can be used to identify an individual?
Fingerprints, Retina, Iris, Facial, Voice, Vein, and Gait.
What type of password is maryhadalittlelamb? - Cognitive - Composition - Passphrase - Static
Passphrase
What is an example of the "something you know" authentication type?
Passwords, codes, IDs, PINs, Passphrases, cognitive information like questions and composition passwords.
What is an example of the "something you have" authentication type?
Swipe cards, photo IDs, Key fobs, and security fobs that generate a random password.