chapter 23

Question 1

CAC

Answer 1

Common Access Cards

Question 2

EXIF

Answer 2

Exchangeable Image File

Question 3

GPO

Answer 3

Group Policy Objects

Question 4

IdP

Answer 4

Identity Provider

Question 5

PIV

Answer 5

Personal Identity Verification

Question 6

SAML

Answer 6

Security Assertion Markup Language

Question 7

XMP

Answer 7

Extensible Metadata Platform

Question 8

What is the purpose of an SSH key?

Answer 8

To be used for automated processes and services.

Question 9

The process of transforming a description of a location, with coordinates, address, or name of place, into a location on the Earth’s surface.

Answer 9

Geocoding

Question 10

Location-based marketing that uses GPS, RFID, WiFi or cell data to define a virtual geographical boundary around a certain or specific area.

Answer 10

Geolocation

Question 11

The process of appending geographic coordinates to media based on the location of a mobile device.

Answer 11

Geotagging

Question 12

The primary advantage of using time-of-day restrictions for access.

Answer 12

Prevents users from logging onto an enterprise network outside of regular business hours, limiting the risk of outside cyber-attacks.

Question 13

The primary disadvantage of using time-of-day restrictions for access.

Answer 13

Someone that needs to log into their account will have no access outside of business hours.

Question 14

What is the purpose of a token?

Answer 14

To identify specific access rights and authentication.

Question 15

What is the purpose of a digital certificate?

Answer 15

To verify the identity of the sender/receiver of an electronic message and provide the means to encrypt/decrypt messages between sender and receiver.

Question 16

How might service accounts be used in batch operations?

Answer 16

To be restricted by the admin to only run at night to prevent them from being used by unauthorized personnel.

Question 17

Identification used by DoD military personnel.

Answer 17

CAC

Question 18

A smart card used for federal employees and contractors.

Answer 18

PIV

Question 19

Used to denote a system or service that creates, maintain, and manages identity information.

Answer 19

IdP

Question 20

What are the advantages and disadvantage of using token-based systems?

Answer 20

Advantage: Every token is unique so if one is removed from a system, the others won’t be affected.

Disadvantage: Since only the token is authenticated, the theft of the token can be used by anyone regardless of who holds it.

Question 21

How can MFA be used to offset the disadvantage of a token-based system

Answer 21

By adding an extra layer of authentication security to mitigate the risk of unauthorized access.

Question 22

What is the primary problem with shared/generic accounts?

Answer 22

The ability to easily track the activity of a user.

Question 23

When might an account be automatically be locked out?

Answer 23

After an employee is terminated, time frame of inactivity and/or multiple attempts of failed log-ins.

Question 24

Who should configure time-of-day, history and complexity account requirements?

Answer 24

Network administrators.

Question 25

An independent verification that the policies associated with it are being followed.

Answer 25

Account Audits

Question 26

Full control of files, directories, services and other resources. Has the most power.

Answer 26

Admin Account

Question 27

Used for normal everyday tasks, may be limited from installing new programs.

Answer 27

Standard account

Question 28

Limited user rights and usually used only one time.

Answer 28

Guest Account

Question 29

Which type of account should be disabled by default?

Answer 29

Guest Accounts

Question 30

Should both user IDs and password be unique?

Answer 30

Yes.

Question 31

When might a network administrator disable an account?

Answer 31

If the user no longer uses that account, a breach of security happens, or a period of inactivity.

Question 32

What are SAML, OpenID and OAuth?

Answer 32

Token-based authentication process protocols.

Question 33

When a login occurs outside of a geological area while another ones within the enterprise follows suit.

Answer 33

Risky Logins

Question 34

Logging into an account off site while logging into it again on site in a very short amount of time.

Answer 34

Impossible Travel Time

Question 35

What are identity attributes?

Answer 35

Specific characteristics of an identity, like name, department, location, login ID, number, email address, and so on.