Chapter 3

Question 1

what is the basic usecase for authentication

Answer 1

to prove you are who you say you are

Question 2

what is the basis for access control and user accountability

Answer 2

authentication

Question 3

What are the 4 means of authenticating user identity

Answer 3

something the user knows

something they possess

something they are

something they do

Question 4

examples of something the user knows

Answer 4

Question 5

examples of something the user posseses

Answer 5

Question 6

examples of something the user is

Answer 6

Question 7

examples of something the user does

Answer 7

Question 8

what is assurance level

Answer 8

Question 9

What is a dictionary attack

Answer 9

Question 10

what is a rainbow table attack

Answer 10

Question 11

what is john the ripper

Answer 11

Question 12

2 ways of proactive password checking

Answer 12

list of passwords not allowed

make sure a passwords meets certain rules which are set

Question 13

what is the diff between memory cards and smart tokens

Answer 13

smark tokens have computation capability

Question 14

3 diff types of authentication protocols for smart tokens

Answer 14

static

dynamic password generator

challenge response

Question 15

smart card vs smart token

Answer 15

no diff, except has appearance of credit card

Question 16

main goal of biometric authentication

Answer 16

attempt to authenticate an individual based on unique physical characterisitcs

Question 17

do you always get perfect matches for biometric authentication

Answer 17

no, never get identical templates

Question 18

what are aditional challeneges with authentication over the network

Answer 18

Question 19

what is a “handshake” when doing remote user authentication an example of

Answer 19

challenge response

Question 20

what is a nonce

Answer 20

a one time random number