security chapter 12 – Flashcards

Unlock all answers in this set

Unlock answers
question
OpenID is an example of a web-based federated identity management (FIM) system.? True False
answer
True
question
Which term below describes the time it takes for a key to be pressed and then released? Dwell time Lead time Sync time Show time
answer
Dwell time
question
What kind of biometrics utilizes a person's unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person's face? Cognitive biometrics Reactive biometrics Standard biometrics Affective biometrics
answer
Standard biometrics
question
What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters? brute force hash replay network replay hybrid
answer
hybrid
question
?A list of the available nonkeyboard characters can be seen in Windows by opening what utility? ?charmap.exe ?charlist.exe ?chardump.exe ?listchar.exe
answer
charmap.exe
question
?A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called: ?Common Access Card (CAC) ?Identity Validation Card (IVC) ?Credential Validation Card (CVC) ?Personal Credential Card (PCC)
answer
?Common Access Card (CAC)
question
A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a: token password biometric detail challenge
answer
password
question
Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites. True False
answer
Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.
question
The use of one authentication credential to access multiple accounts or applications is referred to as? Individual Sign On Single Sign On Unilateral Sign On Federated Sign On
answer
Single Sign On
question
Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method.? True False
answer
True
question
What is the center of the weakness of passwords? human memory encryption technology handshake technology human reliability
answer
human memory
question
What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file? Space division Brute force Known ciphertext Known plaintext
answer
Brute force
question
Passwords provide strong protection. True False
answer
False
question
The use of a single authentication credential that is shared across multiple networks is called: Access management Authorization management Identity management Risk management
answer
Identity management
question
What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site? OpenAuth OAuth SAML Kerberos
answer
OAuth
question
Using a rainbow table to crack a password requires three steps: Creation of the table, comparing the table to known hash values, and decrypting the password. True False
answer
False
question
?What federated identity management (FIM) relies on token credentials? ?OAuth ?OpenID ?Windows Live ?OpenPass
answer
OAuth
question
Passwords that are transmitted can be captured by what type of software? application analyzer system analyzer function analyzer protocol analyzer
answer
protocol analyzer
question
?Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop: ?OAuth ?OpenID ?Windows Live ID ?OpenPass
answer
OpenID
question
The use of what item below involves the creation of a large pregenerated data set of candidate digests? Rainbow tables Randomized character list Word list Cascade tables
answer
Rainbow tables
question
Using one authentication credential to access multiple accounts or applications
answer
Single sign-on
question
Five elements that can prove the genuineness of a user: what you know, what you have, what you are, what you do, and where you are.
answer
authentication factors
question
A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication.
answer
token
question
A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched against those in a stolen password file.
answer
brute force attack
question
A password hashing algorithm that requires significantly more time than standard hashing algorithms to create the digest
answer
key stretching
question
A popular key stretching password hash algorithm.
answer
Bcrypt
question
A random string that is used in hash algorithms.
answer
salt
question
A password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly mispelling words, or including special characters.
answer
hybrid attack
question
A hash used by modern Microsoft Windows operating systems for creating password digests.
answer
NTLM (new technology LAN Manager) hash
question
A password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file..
answer
Dictionary attack
Get an explanation on any task
Get unstuck with the help of our AI assistant in seconds
New