Ch.12

Question 1

A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:

Question 1 options:

token

password

biometric detail

challenge

Answer 1

password

Question 2

What is the center of the weakness of passwords?

Question 2 options:

human memory

encryption technology

handshake technology

human reliability

Answer 2

human memory

Question 3

Passwords that are transmitted can be captured by what type of software?

Question 3 options:

application analyzer

system analyzer

function analyzer

protocol analyzer

Answer 3

protocol analyzer

Question 4

What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?

Question 4 options:

offline cracking

online cracking

hash replay

token replay

Answer 4

offline cracking

Question 5

What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?

Question 5 options:

Space division

Brute force

Known ciphertext

Known plaintext

Answer 5

Brute force

Question 6

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters?

Question 6 options:

brute force

hash replay

network replay

hybrid

Answer 6

hybrid

Question 7

The use of what item below involves the creation of a large pregenerated data set of candidate digests?

Question 7 options:

Rainbow tables

Randomized character list

Word list

Cascade tables

Answer 7

Rainbow tables

Question 8

What kind of biometrics utilizes a person’s unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person’s face?

Question 8 options:

Cognitive biometrics

Reactive biometrics

Standard biometrics

Affective biometrics

Answer 8

Standard biometrics

Question 9

Which term below describes the time it takes for a key to be pressed and then released?

Question 9 options:

Dwell time

Lead time

Sync time

Show time

Answer 9

Dwell time

Question 10

Which type of biometrics is based on the perception, thought process, and understanding of the user?

Question 10 options:

Standard biometrics

Reactive biometrics

Cognitive biometrics

Affective biometrics

Answer 10

Cognitive biometrics

Question 11

The use of a single authentication credential that is shared across multiple networks is called:

Question 11 options:

Access management

Authorization management

Identity management

Risk management

Answer 11

Identity management

Question 12

The use of one authentication credential to access multiple accounts or applications is referred to as?

Question 12 options:

Individual Sign On

Single Sign On

Unilateral Sign On

Federated Sign On

Answer 12

Single Sign On

Question 13

What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?

Question 13 options:

OpenAuth

OAuth

SAML

Kerberos

Answer 13

OAuth

Question 14

Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop:

Question 14 options:

​OAuth

​OpenID

​Windows Live ID

​OpenPass

Answer 14

​OpenID

Question 15

What federated identity management (FIM) relies on token credentials?

Question 15 options:

​OAuth

​OpenID

​Windows Live

​OpenPass

Answer 15

​OAuth

Question 16

A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:

Question 16 options:

​Common Access Card (CAC)

​Identity Validation Card (IVC)

​Credential Validation Card (CVC)

​Personal Credential Card (PCC)

Answer 16

Common Access Card (CAC)

Question 17

What can be used to increase the strength of hashed passwords?​

Question 17 options:

​Salt

​Key stretching

​Double hashing

Crypting

Answer 17

​Salt

Question 18

A list of the available nonkeyboard characters can be seen in Windows by opening what utility?

Question 18 options:

​charmap.exe

​charlist.exe

​chardump.exe

​listchar.exe

Answer 18

​charmap.exe

Question 19

Which hashing algorithm below is used with NTLMv2’s Hashed Message Authentication Code?

Question 19 options:

​SHA-1

​SHA-256

​MD4

​MD5

Answer 19

​MD5

Question 20

What type of one-time password (OTP) changes after a set time period?

Question 20 options:

HMAC-Based one-time password (HOTP)

Period-based one-time password (POTP)

Time-based one-time password (TOTP)

Interval-based one-time password (IOTP)

Answer 20

Time-based one-time password (TOTP)