Week 12 – Flashcards
Unlock all answers in this set
Unlock answersquestion
Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop:
answer
OpenID
question
Which hashing algorithm below is used with NTLMv2's Hashed Message Authentication Code?
answer
MD5
question
Passwords that are transmitted can be captured by what type of software?
answer
protocol analyzer
question
What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters?
answer
hybrid
question
What federated identity management (FIM) relies on token credentials?
answer
OAuth
question
Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.
answer
True
question
The use of one authentication credential to access multiple accounts or applications is referred to as?
answer
Single Sign On
question
Using a rainbow table to crack a password requires three steps: Creation of the table, comparing the table to known hash values, and decrypting the password.
answer
False
question
What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?
answer
OAuth
question
What type of one-time password (OTP) changes after a set time period?
answer
HMAC-Based one-time password (HOTP)
question
What is the center of the weakness of passwords?
answer
human memory
question
?A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:
answer
Common Access Card (CAC)
question
What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?
answer
Brute force
question
What kind of biometrics utilizes a person's unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person's face?
answer
Standard biometrics
question
What can be used to increase the strength of hashed passwords??
answer
Salt
question
A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:
answer
password
question
Passwords provide strong protection.
answer
False
question
The use of what item below involves the creation of a large pregenerated data set of candidate digests?
answer
Rainbow tables
question
A list of the available nonkeyboard characters can be seen in Windows by opening what utility?
answer
?charmap.exe
question
Which type of biometrics is based on the perception, thought process, and understanding of the user?
answer
Cognitive biometrics
question
OpenID is an example of a web-based federated identity management (FIM) system.?
answer
True
question
Which term below describes the time it takes for a key to be pressed and then released?
answer
Dwell time
question
Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method.?
answer
True
question
The use of a single authentication credential that is shared across multiple networks is called:
answer
Identity management
question
What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?
answer
offline cracking
