Authentication Flashcards

1
Q

What is “access control”?

A

authentication + authorisation

2
Q

Attacks against passwords?

A
  • Guess
  • phishing, spoofing, keylogging
  • social engineering
3
Q

What are the risks of reusing a password?

A

Using the same or related passwords on multiple accounts means that one compromised system or account can lead to compromise of other accounts

4
Q

How to avoid password reuse?

A
  • Generating service-specific passwords from one master password
  • Password wallet
5
Q

Countermeasures against password guessing?

A
  • limit login attempts
  • prevent reuse of old passwords
  • Password aging, i.e. mandatory periodic password changes
6
Q

Difference between offline and online attack?

A

Offline attack: cracking the password from a known hash of the password -> attacker can perform brute force
Online attack: attacker tries to log in many times -> system can limit the number of login attempts

7
Q

How should you store passwords on a database?

A
  • store as hash
  • use a slow hash function
  • include random account-specific “salt”
8
Q

What is biometric authentication?

A

verifying some physical feature of the user
