Donain 5

Question 1

What acts a DB that contains Precomputed hashes output for most possible passwords

Answer 1

Rainbow table

Question 2

What are three common password cracking methods

Answer 2

Dictionary, hybrid and brute

Question 3

What primary feature does a cryptographic salt provide

Answer 3

Makes pre computation attacks such as rainbow tables infeasible

Question 4

What kind of smart care is based on time

Answer 4

Synchronous dynamic password tokens

Question 5

What restricts access to functions based on roles and privileges

Answer 5

A constrained user interface

Question 6

In the access control model what term is used to refer to files, directories and ports

Answer 6

Objects

Question 7

What is a passive entity that contains or receives information

Answer 7

Object

They can be files, directories, pipes, devices, sockets, ports and etc

Question 8

When the users biometric information is recorded so it can be used for comparison for the user to gain access

Answer 8

Enrollment

Question 9

A password cracking program that takes dictionary words and then alters the number of characters before hashing. What type of attack is this

Answer 9

Hybrid

Question 10

An application is interfacing with an OAuth API, Poseidon of what type of token means that delegated access has been approved and additional authorization is not necessary

Answer 10

Bearer token

Question 11

What is the most common type of access token

Answer 11

Bearer token

Question 12

Kerberosis does not address availability

Answer 12

True

Question 13

Type one error

Answer 13

False rejection rate

Question 14

Type two error

Answer 14

False acceptance rate

Question 15

What is considered a consumer oriented federated identity management framework

Answer 15

Kerberosis

Question 16

In OAuth I hat role is responsible for determining what data may be accessed and actions be permitted

Answer 16

Resource owner

Question 17

What authentication method negotiated the validity of the user through tickets

Answer 17

Kerberosis

Question 18

What JSON based technology can be used with SAML to provide authorization

Answer 18

OAuth

Question 19

What is the primary emphasis of SAML

Answer 19

Authentication, but can be used to communicate authorization details

Question 20

Who you declare to be on a system

Answer 20

Identity

Question 21

Proving who you really are

Answer 21

Authentication

Question 22

What is a random number that is hashed along the password

Answer 22

Salt

Question 23

What a tribute of the Kerberos authentication process makes it so strong

Answer 23

Mutual authentication

Question 24

Symmetric key authentication system that allows clients to securely access network services

Answer 24

Kerberos

Question 25

Symmetric key encryption algorithms include

Answer 25

DES for V4 TDES RC4 for V5

Question 26

Single sigh in for cloud

Answer 26

IDaaS

Question 27

Primary design types for access control systems

Answer 27

Mandatory Discretionary Non discretionary

Question 28

A subject having the authority to assign the accessible objects and what priv are allowed concerning those objects

Answer 28

Discretionary access control

Question 29

What term describes SSO amongst multiple orgs

Answer 29

Federated identity management

Question 30

What is associated with authentication credentials for an org

Answer 30

SSO

Question 31

Example of a non discretionary access

Answer 31

Role based