Chapter 4 Deploying Enterprise Authentication and Authorization Controls Mark B Flashcards

1
Q

What is the container on a Windows operating system that allows the secure storage of user credentials and passwords?

A. Password repository application
B. Credential Manager
C. iCloud Keychain
D. End user password storage

A

B. Credential Manager

2
Q

What security would be provided for the storage of passwords in a cloud repository?

A. Advanced access control
B. Behavioral Analytics
C. Continuous Validation
D. Reversible Encryption

A

A. Advanced access control
B. Behavioral Analytics
C. Continuous Validation

3
Q

What type of device allows the secure retention of user passwords?

A. Hardware key manager
B. Removable Storage
C. Password policies
D. iCloud keychain

A

A. Hardware key manager

4
Q

What management solution allows auditing of privileged accounts and checkout of these credentials?

A. Password policies
B. Privileged access management
C. Password complexity
D. Password auditing

A

B. Privileged access management

5
Q

What password policy will ensure a password cannot be reused? (Choose two.)

A. Password length
B. Password reuse
C. Password complexity
D. Password history

A

B. Password reuse
D. Password history

6
Q

What password policy would most likely force Bill to change his password from flowerpot to f10w3rp0t?

A. Password length
B. Password reuse
C. Password complexity
D. Password history

A

C. Password complexity

7
Q

What password policy will ensure Mary cannot spend her lunch break resetting her password 24 times to make it the original password?

A. Minimum password age
B. Maximum password age
C. Password complexity
D. Password history

A

A. Minimum password age

8
Q

How can you detect the use of a poor password that may match dictionary words?

A. Password spraying
B. Password auditing
C. Password guessing
D. Password reset

A

B. Password auditing

9
Q

What is required for CHAP authentication when setting a password requirements policy?

A. Strong encryption
B. Reversible Encryption
C. Forward Encryption
D. Complexity

A

B. Reversible Encryption

10
Q

What is the term used when credentials can be used with a third party utilizing SSO?

A. Identity proofing
B. Identity federation
C. Identity cloud
D. Identity Trust

A

B. Identity federation

11
Q

What XML federation service will most likely be used to access third-party cloud-based corporate portals?

A. Shibboleth
B. SAML
C. OAuth
D. OpenID

A

B. SAML

12
Q

Which federation service will most likely be used to access third-party cloud-based digital services?

A. OAuth
B. SAML
C. Kerberos
D. LDAP

A

A. OAuth

13
Q

What access control will offer the most security for a government agency?

A. MAC
B. DAC
C. Role based access control
D. Rule based access control

A

A. MAC

14
Q

What access control will offer the most flexibility for decentralized administration?

A. MAC
B. DAC
C. Role based access control
D. Rule based access control

A

B. DAC

15
Q

What access control will allow for access based upon country and department?

A. MAC
B. DAC
C. Role based access control
D. Attribute based access control

A

D. Attribute based access control

16
Q

Which AAA service offers the widest support across vendor networking equipment?

A. RADIUS
B. TACACS+
C. Circumference
D. HP Proprietary

A

A. RADIUS

17
Q

How can I administer my directory services securely?

A. LDAP using TLS
B. Kerberos
C. OAuth
D. Out of band

A

A. LDAP using TLS

17
Q

What Ethernet standard allows networking appliances to authenticate connection attempts?

A. 802.11
B. 802.1x
C. 802.3
D. 802.1s

A

B. 802.1x

18
Q

What can I use to authenticate securely to directory services, preventing replay and MITM attacks?

A. IPsec
B. Kerberos
C. CHAP
D. PAP

A

B. Kerberos

19
Q

What is the framework that allows many different authentication protocols?

A. PAP
B. EAP
C. CHAP
D. PEAP

A

B. EAP

20
Q

What will I need to support if users need to present an RFID card, iris scan and PIN?

A. MFA
B. 2FA
C. Two step verification
D. In Band Authentication

A

A. MFA

21
Q

What is being used when my bank sends me a confirmation code via SMS?

A. In band authentication
B. OOBA
C. Bandwidth
D. Out of bounds

A

B. OOBA

22
Q

What type of password is not already known to the user?

A. Forgotten password
B. OTP
C. PIN
D. KBA question

A

B. OTP

23
Q

What will I need to support if users need to present a password, memorable secret and a PIN?

A. MFA
B. 2FA
C. Two step verification
D. Single factor authentication

A

D. Single factor authentication

24
Q

What type of password will my Microsoft Authenticator application generate?

A. HOTP
B. TOTP
C. Hardware Root of Trust
D. JWT

A

B. TOTP

25
Q

What is it called when I sign on to directory servers and can use my internal email without being prompted to sign in a second time?

A. SSO
B. JWT
C. Attestation and identity proofing
D. TPM

A

A. SSO