11. During which phase of the access control process does the system answer the

Question

11. During which phase of the access control process does the system answer the question, "What can the requestor access?" A. Identification B. Authentication C. Authorization D. Accountability

12. Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about? A. Identification B. Authentication C. Authorization D. Accountability

13. Which type of authentication includes smart cards? A. Knowledge B. Ownership C. Location D. Action

14. Which one of the following is an example of two-factor authentication? A. Smart card and personal identification number (PIN) B. Personal identification number (PIN) and password C. Password and security questions D. Token and smart card

15. Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value? A. Dictionary attack B. Rainbow table attack C. Social engineering attack D. Brute-force attack

16. Which one of the following is NOT a commonly accepted best practice for password security? A. Use at least six alphanumeric characters. B. Do not include usernames in passwords. C. Include a special character in passwords. D. Include a mixture of uppercase characters, lowercase characters, and numbers in passwords.

17. Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering? A. Accuracy B. Reaction time C. Dynamism D. Acceptability

18. Which one of the following is NOT an advantage of biometric systems? A. Biometrics require physical presence. B. Biometrics are hard to fake. C. Users do not need to remember anything. D. Physical characteristics may change.

19. Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following? A. Least privilege B. Security through obscurity C. Need to know D. Separation of duties

20. Which of the following is NOT a benefit of cloud computing to organizations? A. On-demand provisioning B. Improved disaster recovery C. No need to maintain a data center D. Lower dependence on outside vendors

Explanation / Answer

Solution:

11. The answer is option B.

When you log on to a PC with a username and password you are authenticating . Authorization is the process of verifying that you have access to something. Identification is claiming you are somebody. Accountability is auditing.

12. The answer is D. Accountability. The individual activities and actions that user perform on systems, the resources they access and the connections they establish are all part of their accountability factor.

13. Smart card includes A. Knowledge . A smart card , typically a type of chip card, is a plastic card that contains an embedded computer chip either a memory or microprocessor type that stores and transacts data.

14. The answer is A. Smart card and personal identification number(PIN).

Two factor authentication essentially uses two steps to ensure that you are who you say you are.

15. The answer is D. Brute-force attack. The attacker systematically checks all possible password and pass phrases until the correct one is found in Brute force attack.

Related Questions

Navigate

• Browse (All)
• Browse 1
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.