Unit 11


Which of these is NOT a characteristic of a weak password? a. Using a predictable sequence of characters b. Using personal information c. A common dictionary word d. A long password

A long password

What is a hybrid attack? a. A brute force attack that uses special tables b. An attack that uses both automated and user input c. An attack that slightly alters dictionary words d. An attack that combines a dictionary attack with a mask attack

An attack that combines a dictionary attack with a mask attack

Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate? a. Dictionary attack b. Brute force attack c. Hybrid attack d. Custom attack

Brute force attack

________ biometric is related to the perception, thought processes, and understanding of the user. a. Standard b. Intelligent c. Behavioral d. Cognitive

Cognitive

Which of these is a US Department of Defense smart card that is used for identification of active duty and reserve military personnel? a. Common Access Card (CAC) b. Government Smart Card (GSC) c. Personal Identity Verification (PIV) card d. Secure ID Card (SIDC)

Common Access Card (CAC)

What is a disadvantage of biometric readers? a. Speed b. Weight c. Cost d. Standards

Cost

A TOTP token code is generally valid for what period of time? a. For as long as it appears on the device b. For up to 24 hours c. Until an event occurs d. Only while the user presses SEND

For as long as it appears on the device

Creating a pattern of where a user accessed a remote web account is an example of which of the following? a. Time-Location Resource Monitoring (TLRM) b. Geolocation c. Cognitive biometrics d. Keystroke dynamics

Geolocation

Which one-time password is event-driven? a. ROTP b. TOTP c. HOTP d. POTP

HOTP

Which human characteristic is NOT used for biometric identification? a. Retina b. Iris c. Height d. Fingerprint

Height

Why should the account lockout threshold not be set too low? a. It could result in denial of service (DoS) attacks. b. The network administrator would have to reset the account manually. c. It could decrease calls to the help desk. d. The user would not have to wait too long to have her password reset.

It could result in denial of service (DoS) attacks

How is key stretching effective in resisting password attacks? a. It requires the use of GPUs. b. It takes more time to generate candidate password digests. c. The license fees are very expensive to purchase and use it. d. It does not require the use of salts.

It takes more time to generate candidate password digests

Which type of password attack is a more targeted brute force attack that uses placeholders for characters in certain positions of the password? a. Rainbow attack b. Pass the hash attack c. Rule attack d. Mask attack

Mask attack

Which of these is NOT a reason why users create weak passwords? a. Having multiple passwords makes it hard to remember all of them. b. Most sites force users to create weak passwords even though they do not want to. c. A lengthy and complex password can be difficult to memorize. d. A security policy requires a password to be changed regularly.

Most sites force users to create weak passwords even though they do not want to

What is a token system that requires the user to enter the code along with a PIN called? a. Dual-prong verification system b. Single-factor authentication system c. Token-passing authentication system d. Multifactor authentication system

Multifactor authentication system

Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend? a. Shibboleth b. Open ID Connect c. NTLM d. OAuth

OAuth

Which of the following should NOT be stored in a secure password database? a. Iterations b. Plaintext password c. Salt d. Password digest

Plaintext password

Each of the following accounts should be prohibited EXCEPT: a. Guest accounts b. Generic accounts c. Shared accounts d. Privileged accounts

Privileged accounts

Using one authentication credential to access multiple accounts or applications is known as _______. a. single sign-on b. federal login c. identification authentication d. credentialization

Single sign-on

Which authentication factor is based on a unique talent that a user possesses? a. What you are b. What you know c. What you do d. What you have

What you do

