Unit 11 Quiz

Ace your homework & exams now with Quizwiz!

Which of these is NOT a characteristic of a weak password? A long password A common dictionary word Using a predictable sequence of characters Using personal information

A long password

What is a hybrid attack? An attack that uses both automated and user input An attack that combines a dictionary attack with a mask attack A brute force attack that uses special tables An attack that slightly alters dictionary words

An attack that combines a dictionary attack with a mask attack

Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate? Dictionary attack Hybrid attack Custom attack Brute force attack

Brute force attack

Which of these is a U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel? Personal Identity Verification (PIV) card Government Smart Card (GSC) Common Access Card (CAC) Secure ID Card (SIDC)

Common Access Card (CAC)

_____ biometrics is related to the perception, thought processes, and understanding of the user. Behavioral Cognitive Intelligent Standard

Congnitive

What is a disadvantage of biometric readers? Speed Weight Standards Cost

Cost

Which type of password attack is a more targeted brute force attack that uses placeholders for characters in certain positions of the password? Pass the hash attack Mask attack Rainbow attack Rule attack

Mask attack

Which of the following should NOT be stored in a secure password database? Plaintext password Iterations Password digest Salt

Plaintext password

Each of the following accounts should be prohibited EXCEPT: Shared accounts Generic accounts Privileged accounts Guest accounts

Privileged accounts

Which authentication factor is based on a unique talent that a user possesses? What you know What you do What you are What you have

What you do

Using one authentication credential to access multiple accounts or applications is known as _____. single sign-on identification authentication credentialization federal login

single sign-on

How is key stretching effective in resisting password attacks? It requires the use of GPUs. It takes more time to generate candidate password digests. It does not require the use of salts. The license fees are very expensive to purchase and use it.

It takes more time to generate candidate password digests.

A TOTP token code is generally valid for what period of time? For up to 24 hours Until an event occurs For as long as it appears on the device Only while the user presses SEND

For as long as it appears on the device

Creating a pattern of where a user accesses a remote web account is an example of which of the following? Keystroke dynamics Cognitive biometrics Geolocation Time-Location Resource Monitoring (TLRM)

Geolocation

Which one-time password is event-driven? ROTP POTP HOTP TOTP

HOTP

Which human characteristic is NOT used for biometric identification? Height Fingerprint Iris Retina

Height

Which of these is NOT a reason why users create weak passwords? Most sites force users to create weak passwords even though they do not want to. A lengthy and complex password can be difficult to memorize. A security policy requires a password to be changed regularly. Having multiple passwords makes it hard to remember all of them.

Most sites force users to create weak passwords even though they do not want to.

Why should the account lockout threshold not be set too low? It could result in denial of service (DoS) attacks. The network administrator would have to reset the account manually. The user would not have to wait too long to have her password reset. It could decrease calls to the help desk.

It could result in denial of service (DoS) attacks.

What is a token system that requires the user to enter the code along with a PIN called? Dual-prong verification system Multifactor authentication system Token-passing authentication system Single-factor authentication system

Multifactor authentication system

Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend? Open ID Connect Shibboleth NTLM OAuth

OAuth


Related study sets

Ch 21: GI Disorders and Therapeutic Management jk

View Set

Maternal and Newborn Exam 2/Final

View Set

BIO202 19.2 Cardiac Muscle and Electrical Activity

View Set

A pénzügyi szektor alapvetései

View Set

Compensation Administration - Chapter 11

View Set

Comp Sci Principles Semester 1 Final

View Set

Pharm Ch. 8 tetracyclines, macrolides, lincosamides (prep u, vocab + quizletA)

View Set