PROBLEM 5 - Authentication and Authorization Controls (20 points) (5 pts each)

Question

a) Which of the following is the best solution to protect the confidentiality of data on a laptop in the case it is stolen?

A) File level encryption with alphanumeric passwords

B) Biometric authentication and cloud storage

C) Whole disk encryption with two-factor authentication

D) BIOS passwords and two-factor authentication

b) Which of the following is the most secure technique to authenticate users?

A) Establish biometric access through a secured server or Web site.

B) Maintain correct and accurate ACLs (access control lists) to allow access to applications.

C) Ensure the person is authenticated by something he knows and something he has.

D) Allow access only through user ID and password.

c) Kerberos can prevent which one of the following attacks?

A) Process attack.

B) Playback (replay) attack.

C) Destructive attack.

D) Tunneling attack.

d) Which of the following situations makes Public Key Infrastructure (PKI) most vulnerable?

A) All public keys are accessed by an unauthorized user.

B) A malicious Certificate Authority (CA) certificate is loaded on all the clients.

C) The recorded time offsets are developed with symmetric keys.

D) The Certificate Revocation List (CRL) is posted to a publicly accessible location.

Explanation / Answer

a) C) Whole disk encryption with two-factor authentication

If we encrypt the whole disk with two-factor authentication, then no one can access the data on that disk without knowing the passwords to decrypt it.

b) B) Maintain correct and accurate ACLs (access control lists) to allow access to applications.

Among the given options, this is the most secure way, but it is quite difficult to implement.

c) B) Playback (replay) attack.

d) B) A malicious Certificate Authority (CA) certificate is loaded on all the clients.

If an invalid CA is loaded, then it is easy to perform man-in-the-middle attacks.
