Chapter 2

Question 1

Who or what we claim to be

Answer 1

Identification

Question 2

The set of methods used to establish whether a claim of identity is true

Answer 2

Authentication

Question 3

What is the half step between Identification and Authentication?

Answer 3

Identity Verification

Question 4

Username/Password/Pin are examples of what?

Answer 4

Something you know

Question 5

ID Badges/Swipe Card/OTP are examples of what?

Answer 5

Something you have

Question 6

Fingerprint/Iris/Retina Scan are examples of what?

Answer 6

Something you are

Question 7

Geolocation is an example of what?

Answer 7

Where you are

Question 8

The process where the session is authenticated on both ends than just one end. This event prevents man-in-the-middle attacks. Both the PC and Server authenticate each other before data is sent in either direction.

Answer 8

Mutual Authentication

Question 9

When the attacker inserts themselves into the traffic flow.

Answer 9

Man-in-the-middle

Question 10

What is the most common form of Authentication

Answer 10

Passwords

Question 11

When all possible combinations are used to guess a password (or retrieve an original message)

Answer 11

Brute Force

Question 12

Programs that store all of the users’ passwords with a master password

Answer 12

Password Manager

Question 13

When a user syncs passwords from different systems without a software application

Answer 13

Manual Password Synchronization

Question 14

Authentication factors that use physical features

Answer 14

Biometrics

Question 15

Biometrics are designed by 7 features

Answer 15

Universality
Uniqueness
Permanence
Collectability
Performance
Acceptability
Circumvention

Question 16

Stipulates (demands) that we should be able to find our chosen biometric characteristic in the majority of people we expect to enroll in the system

Answer 16

Universality

Question 17

A measure of how different a particular characteristic is among individuals

Answer 17

Uniqueness

Question 18

Tests how well a characteristic resists change over time and with advancing age

Answer 18

Permanence

Question 19

Measures how easy it is to acquire a characteristic

Answer 19

Collectability

Question 20

A set of metrics that judge how well a given system functions

Answer 20

Performance

Question 21

A measure of how acceptable the particular characteristic is to the users of the system

Answer 21

Acceptability

Question 22

Describes how easy it is to trick a system by using a falsified biometric identifier

Answer 22

Circumvention

Question 23

Physical devices that generate a one-time password

Answer 23

Hardware Tokens (Often called Dongles)

Question 24

Applications that generate One Time Passwords

Answer 24

Software Tokens

Question 25

Passwords that expire after a time frame or after one-time usage

Answer 25

One Time Passwords

Question 26

Noting elements that appear at certain parts of an image

Answer 26

Minutiae

Question 27

FAR

Answer 27

False Acceptance Rate

Question 28

FRR

Answer 28

False Rejection Rate

Question 29

Measures how often you accept a user who should be rejected

Answer 29

False Acceptance Rate (FAR)

Question 30

Measures how often we reject a legitimate user

Answer 30

False Rejection Rate (FRR)

Question 31

Also known as a False Negative

Answer 31

False Rejection Rate (FRR)

Question 32

EER

Answer 32

Equal Error Rate