Intro To Network Security Sixth Ed Chapter 11

13 October 2022
20 test answers

question
C. What you do
answer
1. Which authentication factor is based on a unique talent that a user possesses? A. What you have B. What you are C. What you do D. What you know
question
B. A long password
answer
2. Which of these is NOT a characteristic of a weak password? A. A common dictionary word B. A long password C. Using personal information D. Using a predictable sequence of characters
question
C. Privileged accounts
answer
3. Each of the following accounts should be prohibited EXCEPT: A. Shared accounts B. Generic accounts C. Privileged accounts D. Guest accounts
question
A. OAuth
answer
4. Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend? A. OAuth B. OpenID Connect C. Shibboleth D. NTLM
question
A. It takes more time to generate candidate password digests.
answer
5. How is key stretching effective in resisting password attacks? A. It takes more time to generate candidate password digests. B. It requires the use of GPUs. C. It does not require the use of salts. D. The license fees are very expensive to purchase and use it.
question
D. Most sites force users to create weak passwords even though they do not want to.
answer
6. Which of these is NOT a reason why users create weak passwords? A. A lengthy and complex password can be difficult to memorize. B. A security policy requires a password to be changed regularly. C. Having multiple passwords makes it hard to remember all of them. D. Most sites force users to create weak passwords even though they do not want to.
question
B. An attack that combines a dictionary attack with a mask attack
answer
7. What is a hybrid attack? A. An attack that uses both automated and user input B. An attack that combines a dictionary attack with a mask attack C. A brute force attack that uses special tables D. An attack that slightly alters dictionary words
question
B. For as long as it appears on the device
answer
8. A TOTP token code is generally valid for what period of time? A. Only while the user presses SEND B. For as long as it appears on the device C. For up to 24 hours D. Until an event occurs
question
D. Multifactor authentication system
answer
9. What is a token system that requires the user to enter the code along with a PIN called? A. Single-factor authentication system B. Token-passing authentication system C. Dual-prong verification system D. Multifactor authentication system
question
C. Common Access Card (CAC)
answer
10. Which of these is a U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel? A. Personal Identity Verification (PIV) card B. Secure ID Card (SIDC) C. Common Access Card (CAC) D. Government Smart Card (GSC)
question
D. Plaintext password
answer
11. Which of the following should NOT be stored in a secure password database? A. Iterations B. Password digest C. Salt D. Plaintext password
question
B. Geolocation
answer
12. Creating a pattern of where a user accesses a remote web account is an example of which of the following? A. Keystroke dynamics B. Geolocation C. Time-Location Resource Monitoring (TLRM) D. Cognitive biometrics
question
D. Brute force attack
answer
13. Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate? A. Dictionary attack B. Hybrid attack C. Custom attack D. Brute force attack
question
C. Height
answer
14. Which human characteristic is NOT used for biometric identification? A. Retina B. Iris C. Height D. Fingerprint
question
A. Cognitive
answer
15. _____ biometrics is related to the perception, thought processes, and understanding of the user. A. Cognitive B. Standard C. Intelligent D. Behavioral
question
A. single sign-on
answer
16. Using one authentication credential to access multiple accounts or applications is known as _____. A. single sign-on B. credentialization C. identification authentication D. federal login
question
B. Cost
answer
17. What is a disadvantage of biometric readers? A. Speed B. Cost C. Weight D. Standards
question
B. Mask attack
answer
18. Which type of password attack is a more targeted brute force attack that uses placeholders for characters in certain positions of the password? A. Rainbow attack B. Mask attack C. Rule attack D. Pass the hash attack
question
D. It could result in denial of service (DoS) attacks.
answer
19. Why should the account lockout threshold not be set too low? A. It could decrease calls to the help desk. B. The network administrator would have to reset the account manually. C. The user would not have to wait too long to have her password reset. D. It could result in denial of service (DoS) attacks.
question
A. HOTP
answer
20. Which one-time password is event-driven? A. HOTP B. TOTP C. ROTP D. POTP