Question 1

A person or process that requests access is known as the supplicant.

Accepted Answer

A) True 
 B)False

Question 2

For group or team work in a company, it is often recommended that all group members share a single account and, therefore, a single password.

Accepted Answer

A) True 
 B)False

Question 3

Which of the following is FALSE in regard to the comparison of access control to RBAC and individual accounts?

Accepted Answer

A)  RBAC is less prone to error 
B)  RBAC is more expensive 
C)  RBAC has fewer assignments to make 
D)  RBAC is cheaper 
A)  RBAC is less prone to error 
B)  RBAC is more expensive 
C)  RBAC has fewer assignments to make 
D)  RBAC is cheaper

Question 4

What approximate percentage of calls to help desks involve lost passwords?

Accepted Answer

A)  More than half 
B)  Approximately a quarter to a third 
C)  Approximately half 
D)  30 to 60 
A)  More than half 
B)  Approximately a quarter to a third 
C)  Approximately half 
D)  30 to 60

Question 5

Which of the following statements accurately describes fingerprint recognition?

Accepted Answer

A)  Fingerprint recognition is fairly unknown to the general population. 
B)  Fingerprint scanners account for just a small fraction of the total biometrics market. 
C)  Fingerprint recognition scanners are very expensive. 
D)  Fingerprint recognition technology is well developed. 
A)  Fingerprint recognition is fairly unknown to the general population. 
B)  Fingerprint scanners account for just a small fraction of the total biometrics market. 
C)  Fingerprint recognition scanners are very expensive. 
D)  Fingerprint recognition technology is well developed.

Question 6

When a reader in a biometric authentication system scans a person's biometric data, what is used?

Accepted Answer

A)  The entire data set that is processed 
B)  The first 1056 bytes of data 
C)  The first 256 characters of data 
D)  A few key features 
A)  The entire data set that is processed 
B)  The first 1056 bytes of data 
C)  The first 256 characters of data 
D)  A few key features

Question 7

In federated identity management, firms ________.

Accepted Answer

A)  send assertions to one another 
B)  query one another's identity management databases 
C)  authenticate users 
D)  provide verification 
A)  send assertions to one another 
B)  query one another's identity management databases 
C)  authenticate users 
D)  provide verification

Question 8

When a user is scanned a second time, the reader in a biometric authentication system processes the ________ information to create key features.

Accepted Answer

A)  user access data 
B)  supplicant scanning 
C)  acceptance 
D)  match index 
A)  user access data 
B)  supplicant scanning 
C)  acceptance 
D)  match index

Question 9

Authorizations for individuals can also be referred to as ________.

Accepted Answer

A)  user access data 
B)  permissions 
C)  supplicant scanning 
D)  acceptance 
A)  user access data 
B)  permissions 
C)  supplicant scanning 
D)  acceptance

Question 10

PKI servers must support the downloading of ________ and must respond to ________ queries.

Accepted Answer

A)  CRLs; OCSP 
B)  PKIs; CA 
C)  CRLs; CA 
D)  HMACs; CA 
A)  CRLs; OCSP 
B)  PKIs; CA 
C)  CRLs; CA 
D)  HMACs; CA

Question 11

Which of the following is NOT a part of central authentication servers?

Accepted Answer

A)  They reduce costs. 
B)  They give consistency in authentication no matter where a user or attacker comes into the network. 
C)  They only allow authentication to networks when employees are at the same physical locations as the servers. 
D)  They allow company-wide changes to be made instantly. 
A)  They reduce costs. 
B)  They give consistency in authentication no matter where a user or attacker comes into the network. 
C)  They only allow authentication to networks when employees are at the same physical locations as the servers. 
D)  They allow company-wide changes to be made instantly.

Question 12

A potential benefit of identity management is ________.

Accepted Answer

A)  SAML 
B)  MS-Chap 
C)  SSO 
D)  XML 
A)  SAML 
B)  MS-Chap 
C)  SSO 
D)  XML

Question 13

Auditing predicts what a person or program is likely to do in the future.

Accepted Answer

A) True 
 B)False

Question 14

In following the principle of least permissions, each person should only get the permissions that he or she absolutely needs to do his or her job.

Accepted Answer

A) True 
 B)False

Question 15

Media such as cameras and mobile phones with cameras in secured areas may allow a physical penetration attacker to steal information.

Accepted Answer

A) True 
 B)False

Question 16

Which of the following is NOT one of the three major elements of an assertion?

Accepted Answer

A)  Authenticity 
B)  Authorization 
C)  Attributes 
D)  Nodes 
A)  Authenticity 
B)  Authorization 
C)  Attributes 
D)  Nodes

Question 17

For easy remembering, many companies suggest that you record a PIN that you've selected on the physical access card you've been given.

Accepted Answer

A) True 
 B)False

Question 18

The OU is a shortcut way of referring to a node.

Accepted Answer

A) True 
 B)False

Question 19

Magnetic stripe cards are________, only containing data; smart cards are ________.

Accepted Answer

A)  passive; active 
B)  physical; virtual 
C)  not secure; secure 
D)  new technology; old technology 
A)  passive; active 
B)  physical; virtual 
C)  not secure; secure 
D)  new technology; old technology

Question 20

Typically, military and national security organizations have a multilevel security system.

Accepted Answer

A) True 
 B)False

A person or process that requests access is known as the supplicant.

For group or team work in a company, it is often recommended that all group members share a single account and, therefore, a single password.

Which of the following is FALSE in regard to the comparison of access control to RBAC and individual accounts?

What approximate percentage of calls to help desks involve lost passwords?

Which of the following statements accurately describes fingerprint recognition?

When a reader in a biometric authentication system scans a person's biometric data, what is used?

In federated identity management, firms ________.

When a user is scanned a second time, the reader in a biometric authentication system processes the ________ information to create key features.

Authorizations for individuals can also be referred to as ________.

PKI servers must support the downloading of and must respond to queries.

Which of the following is NOT a part of central authentication servers?

A potential benefit of identity management is ________.

Auditing predicts what a person or program is likely to do in the future.

In following the principle of least permissions, each person should only get the permissions that he or she absolutely needs to do his or her job.

Media such as cameras and mobile phones with cameras in secured areas may allow a physical penetration attacker to steal information.

Which of the following is NOT one of the three major elements of an assertion?

For easy remembering, many companies suggest that you record a PIN that you've selected on the physical access card you've been given.

The OU is a shortcut way of referring to a node.

Magnetic stripe cards are, only containing data; smart cards are .

Typically, military and national security organizations have a multilevel security system.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Firewalls

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module a Networking Concepts

Filters

Exam 5: Access Control

A person or process that requests access is known as the supplicant.

For group or team work in a company, it is often recommended that all group members share a single account and, therefore, a single password.

Which of the following is FALSE in regard to the comparison of access control to RBAC and individual accounts?

What approximate percentage of calls to help desks involve lost passwords?

Which of the following statements accurately describes fingerprint recognition?

When a reader in a biometric authentication system scans a person's biometric data, what is used?

In federated identity management, firms ________.

When a user is scanned a second time, the reader in a biometric authentication system processes the ________ information to create key features.

Authorizations for individuals can also be referred to as ________.

PKI servers must support the downloading of ________ and must respond to ________ queries.

Which of the following is NOT a part of central authentication servers?

A potential benefit of identity management is ________.

Auditing predicts what a person or program is likely to do in the future.

In following the principle of least permissions, each person should only get the permissions that he or she absolutely needs to do his or her job.

Media such as cameras and mobile phones with cameras in secured areas may allow a physical penetration attacker to steal information.

Which of the following is NOT one of the three major elements of an assertion?

For easy remembering, many companies suggest that you record a PIN that you've selected on the physical access card you've been given.

The OU is a shortcut way of referring to a node.

Magnetic stripe cards are________, only containing data; smart cards are ________.

Typically, military and national security organizations have a multilevel security system.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Firewalls

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module a Networking Concepts

Filters

PKI servers must support the downloading of and must respond to queries.

Magnetic stripe cards are, only containing data; smart cards are .