Physical Security & Stuff

Question 1

a measure of the likelihood that a biometric security system will incorrectly accept an access attempt by an authorized user

Answer 1

FAR

Question 2

a measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user

Answer 2

FRR

Question 3

a type of metric used for the evaluation of a biometric security system’s accuracy. Lower values mean more accurate biometric systems

Answer 3

CER

Question 4

valid for only one login session, based on a cryptographic hash function and a secret cryptographic key, not vulnerable to replay attacks

Answer 4

HOTP

Question 5

based on a shared key and the current time, not vulnerable to replay attacks, valid for only one login session

Answer 5

TOTP

Question 6

Examples of implementation methods for certificate-based authentication

Answer 6

PIV card, CAC, IEEE 802.1X

Question 7

an account policy that forces users to come up with a new password every time they are required to change their old password

Answer 7

Password history

Question 8

a key document governing the relationship between two business organizations

Answer 8

BPA

Question 9

an agreement between a service provider and users defining the nature, availability, quality, and scope of the service to be provided; an agreement that specifies performance requirements for a vendor

Answer 9

SLA

Question 10

a type of agreement that documents technical and security requirements of the interconnection between the organizations that own and operate connected IT systems

Answer 10

ISA

Question 11

general documents established between two or more parties to define their respective responsibilities and expectations in accomplishing a particular goal or mission

Answer 11

MOU & MOA