Chapter 4 Deploying Enterprise Authentication and Authorization Controls Mark B

Question 1

What is the container on a Windows operating system that allows the secure storage of user credentials and passwords?

A. Password repository application
B. Credential Manager
C. iCloud Keychain
D. End user password storage

Answer 1

B. Credential Manager

Question 2

What security would be provided for the storage of passwords in a cloud repository?

A. Advanced access control
B. Behavioral Analytics
C. Continuous Validation
D. Reversible Encryption

Answer 2

A. Advanced access control
B. Behavioral Analytics
C. Continuous Validation

Question 3

What type of device allows the secure retention of user passwords?

A. Hardware key manager
B. Removable Storage
C. Password policies
D. iCloud keychain

Answer 3

A. Hardware key manager

Question 4

What management solution allows auditing of privileged accounts and checkout of these credentials?

A. Password policies
B. Privileged access management
C. Password complexity
D. Password auditing

Answer 4

B. Privileged access management

Question 5

What password policy will ensure a password cannot be reused? Choose two

A. Password length
B. Password reuse
C. Password complexity
D. Password history

Answer 5

B. Password reuse
D. Password history

Question 6

What password policy would most likely force Bill to change his password from flowerpot to f10w3rp0t?

A. Password length
B. Password reuse
C. Password complexity
D. Password history

Answer 6

C. Password complexity

Question 7

What password policy will ensure Mary cannot spend her lunch break resetting her password 24 times to make it the original password?

A. Minimum password age
B. Maximum password age
C. Password complexity
D. Password history

Answer 7

A. Minimum password age

Question 8

How can you detect the use of a poor password that may match dictionary words?

A. Password spraying
B. Password auditing
C. Password guessing
D. Password reset

Answer 8

B. Password auditing

Question 9

What is required for CHAP authentication, when setting a password requirements policy?

A. Strong encryption
B. Reversible Encryption
C. Forward Encryption
D. Complexity

Answer 9

B. Reversible Encryption

Question 10

What is the term used when credentials can be used with a third party utilizing SSO?

A. Identity proofing
B. Identity federation
C. Identity cloud
D. Identity Trust

Answer 10

B. Identity federation

Question 11

What XML federation service will most likely be used to access third party cloud based corporate portals?

A. Shibboleth
B. SAML
C. OAuth
D. OpenID

Answer 11

B. SAML

Question 12

Which federation service will most likely be used to access third party cloud based digital services?

A. OAuth
B. SAML
C. Kerberos
D. LDAP

Answer 12

A. OAuth

Question 13

What access control will offer the most security for a government agency?

A. MAC
B. DAC
C. Role based access control
D. Rule based access control

Answer 13

A. MAC

Question 14

What access control will offer the most flexibility for decentralized administration?

A. MAC
B. DAC
C. Role based access control
D. Rule based access control

Answer 14

B. DAC

Question 15

What access control will allow for access based upon country and department?

A. MAC
B. DAC
C. Role based access control
D. Attribute based access control

Answer 15

D. Attribute based access control

Question 16

Which AAA service offers the widest support across vendor networking equipment?

A. RADIUS
B. TACAS+
C. Circumference
D. HP Proprietary

Answer 16

A. RADIUS

Question 17

What Ethernet standard allows networking appliances to authenticate connection attempts?

A. 802.11
B. 802.1x
C. 802.3
D. 802.1s

Answer 17

B. 802.1x

Question 18

What can I use to authenticate securely to directory services, preventing replay and MITM attacks?

A. IPsec
B. Kerberos
C. CHAP
D. PAP

Answer 18

B. Kerberos

Question 19

What is the framework that allows many different authentication protocols?

A. PAP
B. EAP
C. CHAP
D. PEAP

Answer 19

B. EAP

Question 20

What will I need to support if users need to present an RFID card, iris scan and pin?

A. MFA
B. 2FA
C. Two step verification
D. In Band Authentication

Answer 20

A. MFA

Question 21

What is being used when my bank sends me a confirmation code via SMS?

A. In band authentication
B. OOBA
C. Bandwidth
D. Out of bounds

Answer 21

B. OOBA

Question 22

What type of password is not already known to the user?

A. Forgotten password
B. OTP
C. PIN
D. KBA question

Answer 22

B. OTP

Question 23

What will I need to support if users need to present a password, memorable secret and a pin?

A. MFA
B. 2FA
C. Two step verification
D. Single factor authentication

Answer 23

D. Single factor authentication

Question 24

What type of password will my Microsoft Authenticator application generate??

A. HOTP
B. TOTP
C. Hardware Root of Trust
D. JWT

Answer 24

B. TOTP

Question 25

What is it called when I sign on to directory servers and can use my internal email without being prompted to sign in a second time?

A. SSO
B. JWT
C. Attestation and identity proofing
D. TPM

Answer 25

A. SSO

Question 26

How can I administer my directory services securely?

A. LDAP using TLS
B. Kerberos
C. OAuth
D. Out of band

Answer 26

A. LDAP using TLS