A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a: Show Question 1 options: token password biometric detail challenge What is the center of the weakness of passwords? Question 2 options: human memory encryption technology handshake technology human reliability Passwords that are transmitted can be captured by what type of software? Question 3 options: application analyzer system analyzer function analyzer protocol analyzer What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker? Question 4 options: offline cracking online cracking hash replay token replay What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file? Question 5 options: Space division Brute force Known ciphertext Known plaintext What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters? Question 6 options: brute force hash replay network replay hybrid The use of what item below involves the creation of a large pregenerated data set of candidate digests? Question 7 options: Rainbow tables Randomized character list Word list Cascade tables What kind of biometrics utilizes a person's unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person's face? Question 8 options: Cognitive biometrics Reactive biometrics Standard biometrics Affective biometrics Which term below describes the time it takes for a key to be pressed and then released? Question 9 options: Dwell time Lead time Sync time Show time Which type of biometrics is based on the perception, thought process, and understanding of the user? Question 10 options: Standard biometrics Reactive biometrics Cognitive biometrics Affective biometrics The use of a single authentication credential that is shared across multiple networks is called: Question 11 options: Access management Authorization management Identity management Risk management The use of one authentication credential to access multiple accounts or applications is referred to as? Question 12 options: Individual Sign On Single Sign On Unilateral Sign On Federated Sign On What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site? Question 13 options: OpenAuth OAuth SAML Kerberos Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop: Question 14 options: OAuth OpenID Windows Live ID OpenPass What federated identity management (FIM) relies on token credentials? Question 15 options: OAuth OpenID Windows Live OpenPass A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called: Question 16 options: Common Access Card (CAC) Identity Validation Card (IVC) Credential Validation Card (CVC) Personal Credential Card (PCC) What can be used to increase the strength of hashed passwords? Question 17 options: Salt Key stretching Double hashing Crypting A list of the available nonkeyboard characters can be seen in Windows by opening what utility? Question 18 options: charmap.exe charlist.exe chardump.exe listchar.exe Which hashing algorithm below is used with NTLMv2's Hashed Message Authentication Code? Question 19 options: SHA-1 SHA-256 MD4 MD5 What type of one-time password (OTP) changes after a set time period? Question 20 options: HMAC-Based one-time password (HOTP) Period-based one-time password (POTP) Time-based one-time password (TOTP) Interval-based one-time password (IOTP) Time-based one-time password (TOTP) Which type of attack is a combination of both the brute force attack and the dictionary attack?A hybrid attack usually mixes dictionary and brute force attacks. These attacks are used to figure out combo passwords that mix common words with random characters.
What is a dictionary attack quizlet?A dictionary attack attempts to crack passwords by using a password file that often contains tens of thousands of standard and obvious passwords. The hacker automates the process of using one after the other from the file until the crack succeeds or the attacker runs out of passwords.
What is a brute force attack quizlet?Brute force attack. An attack on passwords or encryption that tries every possible password or encryption key. Online brute force attack. cryptographic attack where the attacker tries to enter a succession of passwords using the same interface as the target user application; slow and most accounts lock you out.
Which access control model can dynamically assign roles to subjects based on a set of defined rules?Rule-Based Access Control
Rule-Based Access Control will dynamically assign roles to users based on criteria defined by the custodian or system administrator.
|