9 Flashcards

1
Q

A type of hierarchical database structure used in Windows Server environments that enables centralized management of users, devices and resources on a network is known as:

A

Active Directory (AD)

2
Q

An authentication subsystem in which a single set of authentication credentials provides access to multiple systems across different organizations is called:

A

Federation

3
Q

Which of the following answers describe the features of TOTP? (Select 3 answers)

TOTP - Time-based one-time password

A
  • Based on a shared secret key and current time
  • Not vulnerable to replay attacks
  • Valid for only one login session
4
Q

Which of the following answers refer to the characteristics of HOTP? (Select 3 answers)

HOTP - HMAC-based one-time password is a one-time password algorithm based on HMAC

A
  • Valid for only one login session
  • Based on a cryptographic hash function and a secret cryptographic key
  • Not vulnerable to replay attacks
5
Q

Which of the following are examples of hardware authentication tokens? (Select 3 answers)

A
  • Key fob
  • RFID badge
  • Smart card
6
Q

Which of the following is an example of a soft authentication token?

A

Authenticator app

7
Q

Examples of static authentication methods include: (Select 2 answers)

A

  • User-generated password
  • Personal Identification Number (PIN)

8
Q

An authenticator application is software that generates an additional authentication token (in the form of a random code) used in a multi-step verification process.

A

True

9
Q

Which of the following does not have an application in the authentication process?

A
  • One-time passwords
  • SMS messages
  • Hardware / Software tokens
  • Static codes
  • Push notifications
  • Phones
    All of the above can be used in the authentication process
10
Q

Which of the following answers refers to an example implementation of certificate-based authentication?

A

Smart card

11
Q

In computer security, the term “Biometrics” refers to physical characteristics of the human body that can be used for identification and access control purposes.

A

True

12
Q

Which of the following is not used in the process of biometric authentication?

A
  • Fingerprint scan
  • Voice recognition
  • Vein analysis
  • Retina / Iris scan
  • Face recognition
  • Gait analysis
    All of the above can be used in the biometric authentication process
13
Q

A measure of the likelihood that a biometric security system will incorrectly accept an access attempt by an unauthorized user is known as:

A

FAR (False Acceptance Rate)

14
Q

A measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user is referred to as:

A

FRR (False Rejection Rate)

15
Q

Which of the answers listed below refers to a type of metric used for evaluation of a biometric security system’s accuracy?

A

CER (Crossover Error Rate)

16
Q

The authentication process can be based on various categories of authentication factors and attributes. Authentication factors include unique physical traits of each individual such as fingerprints (“something you are”), physical tokens such as smart cards (“something you have”), or usernames and passwords (“something you know”). The categories of authentication attributes include geolocation (“somewhere you are”), user-specific activity patterns, such as keyboard typing style (“something you can do”), revealing something about an individual, e.g. wearing an ID badge (“something you exhibit”), or proving the relation with a trusted third party (“someone you know”). Multifactor authentication systems require implementation of authentication factors from two or more distinct categories.

A

True

17
Q

Which of the following fall into the category of MFA factors? (Select 3 answers)

A
  • PIN
  • USB token
  • Retina scan
18
Q

Examples of MFA attributes include

A
  • Handwritten signature
  • Gait analysis
  • GPS reading
  • Chain of trust
19
Q

Which of the following examples meets the requirement of multifactor authentication?

A

Password and biometric scan

20
Q

Which part of the AAA security architecture deals with the verification of the identity of a person or process?

A

Authentication

21
Q

Which of the answers listed below refers to the process of granting or denying access to resources?

A

Authorization

22
Q

In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called

A

Accounting

23
Q

A dedicated data storage solution that combines multiple disk drive components into a single logical unit to increase volume size, performance, or reliability is referred to as:

A

Redundant Array of Independent Disks (RAID)

24
Q

Which of the following RAID levels does not offer fault tolerance?

A

RAID 0

25
Q

Hardware RAID Level 0: (Select all that apply)

A
  • Requires a minimum of 2 drives to implement
  • Is also known as disk striping
  • Decreases reliability (failure of any disk in the array destroys the entire array)
  • Is suitable for systems where performance has higher priority than fault tolerance