IST266 test 4 – Flashcards

question
subnotebook
answer
An ultrabook is an example of what type of a portable computer?
question
RS232
answer
A laptop may have multiple hardware ports. Which of the following is not a typical port included on a laptop?
question
track stolen devices
answer
Which of the following selections is not one of the features provided by a typical MDM?
question
google glass
answer
Select below the option that represents a wearable technology:
question
inventory control
answer
What term is used to describe the operation of stockrooms where mobile devices are stored prior to their dispersal to employees?
question
true
answer
Simply using a mobile device in a public area can be considered a risk.
question
Type I
answer
What PC Card type is typically used for memory?
question
enable a lock screen
answer
What can be enabled to prevent a mobile device from being used until a user enters the correct passcode, such as a pin or password?
question
false
answer
The Google Android mobile operating system is a proprietary system, for use on only approved devices.
question
secure digital input output (SDIO)
answer
What SD card family can be used to transmit pictures over a wireless network to a laptop hard drive or wireless printer?
question
ExpressCard
answer
The PC Card and CardBus devices are being replaced by what technology?
question
Web-based
answer
Select below the type of computing device that uses a limited version of the Linux operating system and uses a web browser with an integrated media player:
question
Mobile device management (MDM)
answer
What type of management system below can help facilitate asset tracking?
question
Removable media storage
answer
Select below the item that is not considered to be a basic characteristic of mobile devices:
question
asset tracking
answer
Maintaining an accurate record of company-owned mobile devices
question
secure digital
answer
A small form factor storage media of a variety of different types and sizes.
question
On-boarding
answer
The ability to rapidly enroll new mobile devices.
question
Remote wiping
answer
The ability to remotely erase sensitive data stored on a mobile device.
question
mobile application management (MAM)
answer
The tools and services responsible for distributing and controlling access to apps.
question
geo-tagging
answer
Adding or allowing geographical identification data in a mobile app.
question
geo-fencing
answer
Using a mobile device's GPS to define geographical boundaries where an app can be used.
question
off-boarding
answer
The ability to quickly remove devices from the organization's network.
question
lock screen
answer
A technology that prevents a mobile device from being used until the user enters the correct passcode.
question
location services
answer
Services that can identify the location of a person carrying a mobile device or a specific store or restaurant.
question
false
answer
Mobile devices such as laptops are stolen on average once every 20 seconds.
question
true
answer
A QR code can store website URLs, plain text, phone numbers, e-mail addresses, or virtually any alphanumeric data up to 4296 characters.
question
personal digital assistant
answer
What term below describes a hand-held mobile device that was intended to replace paper systems, and typically included an appointment calendar, an address book, a "to-do" list, a calculator, and the ability to record limited notes?
question
extreme capacity (SDXC)
answer
Select below the option that is not one of the SD format card families:
question
mobile application management
answer
How can an administrator manage applications on mobile devices using a technique called "app wrapping"?
question
false
answer
The CardBus is a 64-bit bus in the PC card form factor.
question
a video
answer
A QR code can't contain which of the following items directly?
question
iOS
answer
What mobile operating system below requires all applications to be reviewed and approved before they can be made available on the public store front?
question
1234
answer
What PIN is considered to be the most commonly used PIN?
question
location services
answer
Mobile devices with global positioning system (GPS) abilities typically make use of:
question
credential management
answer
Mobile Device Management systems that allow users to store usernames and passwords within a device are said to be using:
question
RADIUS
answer
Although designed to support remote dial-in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs?
question
rule based access control
answer
Which access control model can dynamically assign roles to subjects based on a set of defined rules?
question
discretionary access control
answer
Which access control model is considered to be the least restrictive?
question
DIT
answer
Entries within a Directory Information Base are arranged in a tree structure called the:
question
false
answer
Group policy is a Unix feature that allows for the centralized management and configuration of computers and remote users using Unix Active Directory.
question
gray
answer
In a UAC prompt, what color is used to indicate the lowest level of risk?
question
role based access control
answer
Select below the access control model that uses access based on a user's job function within an organization:
question
Kerberos
answer
Select below the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users:
question
mandatory access control
answer
What access control model below is considered to be the most restrictive access control model, and involves assigning access controls to users strictly according to the custodian?
question
False
answer
Authorization and access are viewed as synonymous and in access control, they are the same step.
question
authentication request
answer
During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?
question
operation
answer
The action that is taken by a subject over an object is called a(n):
question
subject
answer
A user or a process functioning on behalf of the user that attempts to access an object is known as the:
question
true
answer
The Bell-LaPadula (BLP) model of MAC can be used to prevent subjects from creating a new object or performing specific functions on objects that are at a lower level than their own.
question
true
answer
A shield icon warns users if they attempt to access any feature that requires UAC permission.
question
access control model
answer
What is the name for a predefined framework that can be used for controlling access, and is embedded into software and hardware?
question
separation of duties
answer
A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as:
question
TACACS
answer
What authentication service commonly used on UNIX devices involves communicating user authentication information to a centralized server?
question
ACL
answer
A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n):
question
false
answer
The strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server.
question
least privilege
answer
Providing only the minimum amount of privileges necessary to perform a job or function.
question
discretionary access control
answer
The least restrictive access control model in which the owner of the object has total control over it.
question
separation of duties
answer
The practice of requiring that processes should be divided between two or more individuals.
question
job rotation
answer
The act of moving individuals from one job responsibility to another.
question
account expiration
answer
The process of setting a user's account to expire
question
time-of-day restriction
answer
Limitation imposed as to when a user can log in to a system or access resources.
question
mandatory access control
answer
The most restrictive access control model, typically found in military settings in which security is of supreme importance.
question
LDAP injection control
answer
An attack that constructs LDAP statements based on user input statements, allowing the attacker to retrieve information from the LDAP database or modify its content.
question
TACACS+
answer
The current version of the Terminal Access Control Access Control System (TACACS) authentication service.
question
extended TACACS
answer
The second version of the Terminal Access Control Access Control System (TACACS) authentication service.
question
LDAP injection
answer
What kind of attack allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database's information?
question
orphaned
answer
User accounts that remain active after an employee has left an organization are referred to as being what type of accounts?
question
account expiration
answer
To assist with controlling orphaned and dormant accounts, what can be used to indicate when an account is no longer active?
question
DAP
answer
The X.500 standard defines a protocol for a client application to access an X.500 directory known as which of the following options?
question
roles
answer
When using Role Based Access Control (RBAC), permissions are assigned to:
question
identity management
answer
The use of a single authentication credential that is shared across multiple networks is called:
question
password
answer
A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:
question
true
answer
Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method.
question
charmap.exe
answer
A list of the available nonkeyboard characters can be seen in Windows by opening what utility?
question
standard biometrics
answer
What kind of biometrics utilizes a person's unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person's face?
question
offline cracking
answer
What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?
question
time-based one-time password (TOTP)
answer
What type of one-time password (OTP) changes after a set time period?
question
single sign on
answer
The use of one authentication credential to access multiple accounts or applications is referred to as?
question
false
answer
Passwords provide strong protection.
question
hybrid
answer
What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters?
question
human memory
answer
What is the center of the weakness of passwords?
question
true
answer
Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.
question
brute force
answer
What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?
question
cognitive biometrics
answer
Which type of biometrics is based on the perception, thought process, and understanding of the user?
question
rainbow tables
answer
The use of what item below involves the creation of a large pregenerated data set of candidate digests?
question
common access card
answer
A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:
question
dwell time
answer
Which term below describes the time it takes for a key to be pressed and then released?
question
OAuth
answer
What federated identity management (FIM) relies on token credentials?
question
salt
answer
What can be used to increase the strength of hashed passwords?
question
true
answer
OpenID is an example of a web-based federated identity management (FIM) system.
question
protocol analyzer
answer
Passwords that are transmitted can be captured by what type of software?
question
false
answer
Using a rainbow table to crack a password requires three steps: Creation of the table, comparing the table to known hash values, and decrypting the password.
question
MD5
answer
Which hashing algorithm below is used with NTLMv2's Hashed Message Authentication Code?
question
single sign-on
answer
Using one authentication credential to access multiple accounts or applications.
question
authentication factors
answer
Five elements that can prove the genuineness of a user: what you know, what you have, what you are, what you do, and where you are.
question
token
answer
A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication.
question
brute force attack
answer
A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched against those in a stolen password file.
question
key stretching
answer
A password hashing algorithm that requires significantly more time than standard hashing algorithms to create the digest.
question
Bcrypt
answer
A popular key stretching password hash algorithm.
question
salt
answer
A random string that is used in hash algorithms.
question
hybrid attack
answer
A password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters.
question
NTLM (New Technology LAN Manager) hash
answer
A hash used by modern Microsoft Windows operating systems for creating password digests.
question
dictionary attack
answer
A password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file.
question
OAuth
answer
What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?
question
OpenID
answer
Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop:
question
portable computers, tablets, smartphones, wearable technology, and legacy devices.
answer
mobile devices
question
devices that closely resemble standard desktop computers. ex. laptop, notebook, ultrabook, subnotebook, web-based, tablets
answer
portable computer
question
portable computing devices that are generally larger than smartphones and smaller than notebooks, and are focused on ease of use
answer
tablet
question
traditional cellular telephone that includes a limited number of features, such as a camera, an MP3 music player, and ability to send and receive short message service text messages.
answer
feature phone
question
has all the tools that a feature phone has but also includes an OS that allows it to run apps and access the Internet.
answer
Smartphone
question
consists of devices that can be worn by the user instead of carried. ex. smartwatch and Google Glass
answer
wearable technology
question
mobile devices that are no longer widely in use. ex. PDA and netbook
answer
legacy devices
question
1. Keep the mobile device out of sight when traveling in a high-risk area. 2. Avoid becoming distracted by what is on the device; always maintain an awareness of your surroundings. 3. When holding a device, use both hands to make it more difficult for a thief to snatch. 4. Do not use the device on escalators or near transit train doors. 5. White or red headphone cords may indicate they are connected to an expensive device; consider changing the cord to a less conspicuous color. 6. If theft does occur, do not resist or chase the thief. Instead, take note of the suspect's description, including any identifying characteristics and clothing, then call the authorities.
answer
theft
question
Discretionary access control: least restrictive; every object has an owner, who has total control over the object. Owners can access their objects freely. Poses risks in that it relies on decisions by the end user to set the proper level of security. A subject's permissions will be "inherited" by any programs that the subject executes. Mandatory access control: most restrictive; assigns users access controls strictly according to the custodian's desires. The user has no freedom to set any controls. Role based access control: access is based on a user's job function within an organization. Rule based access control: dynamically assigns roles to subjects based on a set of rules defined by a custodian.
answer
access control models, how they work, strengths and weaknesses
question
The most effective passwords are long and complex. However, these are difficult for users to memorize and then accurately recall when needed. Users must remember passwords for many different accounts. For the highest level of security, each account password should be unique, which further strains human memory. Many security policies mandate that passwords expire after a set period of time, such as every 45-60 days.
answer
passwords, human memory, weaknesses
question
Uses a cryptographic one-way function: instead of encrypting the password with another key, the password itself is the key. Considered to be very weak for storing passwords. Not case-sensitive; splits all passwords into two 7-character parts. NTLM (New Technology LAN Manager): does not limit passwords to two 7-character parts; does not support recent cryptographic methods. NTLMv2: uses Hashed Message Authentication Code with MD5. Not considered secure for creating digests because these hashing algorithms are designed to create a digest as quickly as possible.
answer
lan manager passwords, vulnerabilities