Module 11 - Understanding Identification and Authentication - Q&A Flashcards

1
Q
Which of the following is the process of validating user credentials?
A. Identification
B. Authorization
C. Authentication
D. Accountability
A

C. Authentication is the process of validating user credentials.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
Each of the following would be considered an example of an authenticator, except:
A. Username and password
B. Smart card
C. Token
D. Folder permissions
A

D. Folder permissions have to do with authorization, not authentication. Authenticators are elements used in the identification and authentication process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
Which of the following authentication factors relies on a specified time period, during which a user must authenticate?
A. Temporal
B. Location
C. Inherence
D. Possession
A

A. The temporal authentication factor relies heavily on time and might be used to require a user to authenticate during a specified time period.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
Which of the following authentication factors would require that you input a piece of information from memory in addition to using a smart card?
A. Possession
B. Knowledge
C. Inherence
D. Temporal
A

B. The knowledge factor would require that you input a piece of information, such as a password or PIN, from memory in addition to using a smart card.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

All of the following are examples of single-factor authentication, except:
A. Using a username and password combination to log on to a computer system
B. Answering security questions to reset a password
C. Use of a magnetic-strip security card to enter a secure door
D. Use of a smart card and PIN to log on to a computer system

A

D. Using a smart card and PIN is an example of multifactor authentication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
Which of the following is the error rate at which biometric systems should be calibrated?
A. False positive rate
B. False rejection rate
C. False acceptance rate
D. Crossover error rate
A

D. The crossover error rate is the point at which biometric systems should be calibrated to reduce false acceptance and false rejection rates.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
Which of the following are factors used in biometrics? (Choose two.)
A. Password
B. Handprint geometry
C. Token
D. Retinal patterns
A

B, D. Both handprint geometry and retinal patterns are factors used in biometric authentication systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

You are implementing an authentication system for a new company. This is a small company, and the owner has requested that all users be able to create accounts on their own individual workstations. You would like to explain to the owner that centralized authentication might be better to use. Which of the following are advantages of centralized authentication? (Choose two.)
A. Centralized security policies and account requirements
B. Ability of individuals to set their own security requirements
C. Ability to use single sign-on capabilities within the entire organization
D. Requirements have different usernames and passwords for each workstation and resource

A

A, C. Centralized system security policies as well as the ability to use single sign-on throughout the organization are two advantages of centralized authentication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following scenarios describes a transitive trust situation?
A. Company A trusts the authentication systems of Company B, and vice versa.
B. Company A trusts the authentication systems of Company B, but Company B does not trust Company A’s authentication systems.
C. Company A trusts the authentication systems of Company B, and Company B trusts the systems of Company C, so Company A trusts Company C.
D. Company A trusts the authentication systems of Company B and Company C, both explicitly.

A

C. In a transitive trust situation, Company A trusts the authentication systems of Company B, and Company B trusts the systems of Company C, so Company A trusts Company

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
Which of the following terms describes a common authentication system used by multiple entities, enabling users from any of the entities to authenticate seamlessly to one another’s systems?
A. Federated
B. Decentralized
C. Centralized
D. Transitive trust Answers
A

A. A federated system is a common authentication system shared among all people entities. It allows users from any of the entities to access systems in one another’s infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly