9 Flashcards
A type of hierarchical database structure used in Windows Server environments that enables centralized management of users, devices and resources on a network is known as:
Active Directory (AD)
An authentication subsystem in which a single set of authentication credentials provides access to multiple systems across different organizations is called:
Federation
Which of the following answers describe the features of TOTP? (Select 3 answers)
TOTP - Time-based one-time password
- Based on a shared secret key and current time
- Not vulnerable to replay attacks
- Valid for only one login session
Which of the following answers refer to the characteristics of HOTP? (Select 3 answers)
HOTP - HMAC-based one-time password is a one-time password algorithm based on HMAC
- Valid for only one login session
- Based on a cryptographic hash function and a secret cryptographic key
- Not vulnerable to replay attacks
Which of the following are examples of hardware authentication tokens? (Select 3 answers)
- Key fob
- RFID badge
- Smart card
Which of the following is an example of a soft authentication token?
Authenticator app
Examples of static authentication methods include: (Select 2 answers)
User-generated password
Personal Identification Number (PIN)
An authenticator application is a software that generates additional authentication token (in the form of a random code) used in multi-step verification process
True
Which of the following does not have an application in the authentication process?
- One-time passwords
- SMS messages
- Hardware / Software tokens
- Static codes ( Your answer)
- Push notifications
- Phones
All of the above can be used in the authentication process
Which of the following answers refers to an example implementation of certificate-based authentication?
Smart card
In computer security, the term “Biometrics” refers to physical characteristics of the human body that can be used for identification and access control purposes.
True
Which of the following is not used in the process of biometric authentication?
- Fingerprint scan
- Voice recognition
- Vein analysis
- Retina / Iris scan
- Face recognition
- Gait analysis
All of the above can be used in the biometric authentication process
A measure of the likelihood that a biometric security system will incorrectly accept an access attempt by an unauthorized user is known as:
FAR (False Acceptance Rate)
A measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user is referred to as:
FRR (False Rejection Rate)
Which of the answers listed below refers to a type of metric used for evaluation of a biometric security system’s accuracy?
CER (Crossover Error Rate)