Domain 5

Question 1

When an authorized subject is rejected

Answer 1

FRR (False rejection rate)

aka Type 1 error

Question 2

When an unauthorized subject is accepted

Answer 2

FAR (False acceptance rate)

aka Type 2 error

Question 3

false ___ is worse than false ____

Answer 3

acceptance; reject

Question 4

When sensitivity of biometric systems increases, ___ will rise and ___ will drop

Answer 4

FRR; FAR

Question 5

The sensitivity of biometric systems lower ___ will drop and __ will rise

Answer 5

FRR; FAR

Question 6

____ occurs when users gain more access to systems over time

Answer 6

access aggregation

Question 7

SESAME uses ____ rather than Kerberos’ tickets

Answer 7

privilege attribute certificates (PAC)

Question 8

RADIUS uses ports ___ and ___

Answer 8

UDP 1812(authentication) and 1813(accounting)

Question 9

The principal of access control is?

Answer 9

accountability

Question 10

Kerberos only supports ____ encryption

Answer 10

symmetric

Question 11

Sesame supports both ____ and ___ encryption

Answer 11

symmetric; asymmetric

Question 12

Differing from SSO, FIM allows users to gain access to internal and ___ resources

Answer 12

external

Question 13

What are the 4 components of SAML?

Answer 13

Profile: define how saml can be used for different business use cases

Binding: maps saml onto different communication protocols

Protocol: defines how entities send and respond to requests

Assertion: defines authentication and authorization in attributes

Question 14

WS-Federation provides ___ and ___

Answer 14

authentication and authorization

Question 15

OpenID provides ___

Answer 15

authentication

Answer 16

authorization