Question 1

If a laptop needs to be taken off premises, ________.

Accepted Answer

A)  it should first be logged out. 
B)  it should be logged in when returned 
C)  all sensitive information should be removed 
D)  All of the above 
A)  it should first be logged out. 
B)  it should be logged in when returned 
C)  all sensitive information should be removed 
D)  All of the above

Question 2

Giving a user permissions to use a certain resource is ________.

Accepted Answer

A)  authentication 
B)  authorization 
C)  Both A and B 
D)  Neither A nor B 
A)  authentication 
B)  authorization 
C)  Both A and B 
D)  Neither A nor B

Question 3

Iris scanning usually is done surreptitiously.

Accepted Answer

A) True 
 B)False

Question 4

Identification requires more matches against templates than does verification.

Accepted Answer

A) True 
 B)False

Question 5

In biometric, a match occurs when a ________ meets the decision criteria.

Accepted Answer

A)  set of key features 
B)  match index 
C)  Both A and B 
D)  Neither A nor B 
A)  set of key features 
B)  match index 
C)  Both A and B 
D)  Neither A nor B

Question 6

From a security viewpoint, a false acceptance is always worse than a false rejection.

Accepted Answer

A) True 
 B)False

Question 7

The main standards used by firms to send security assertions to one another is LDAP.

Accepted Answer

A) True 
 B)False

Question 8

Users should select very long and complex passwords and use the same password at all sites for auditability.

Accepted Answer

A) True 
 B)False

Question 9

In Kerberos, the ________ is an encrypted session key that only the verifier can decrypt.

Accepted Answer

A)  ticket granting ticket 
B)  service ticket 
C)  Both A and B 
D)  Neither A nor B 
A)  ticket granting ticket 
B)  service ticket 
C)  Both A and B 
D)  Neither A nor B

Question 10

In federated identity management, firms ________.

Accepted Answer

A)  query one another's identity management databases 
B)  send assertions to one another 
C)  Both A and B 
D)  Neither A nor B 
A)  query one another's identity management databases 
B)  send assertions to one another 
C)  Both A and B 
D)  Neither A nor B

Question 11

In Active Directory, a domain controller contains ________.

Accepted Answer

A)  a RADIUS authentication server program 
B)  an Active Directory database 
C)  Both A and B 
D)  Neither A nor B 
A)  a RADIUS authentication server program 
B)  an Active Directory database 
C)  Both A and B 
D)  Neither A nor B

Question 12

Which of the following statements accurately describes fingerprint recognition?

Accepted Answer

A)  Fingerprint recognition scanners are very expensive. 
B)  Fingerprint recognition is easily deceived. 
C)  Fingerprint recognition is rarely used. 
D)  All of the above 
A)  Fingerprint recognition scanners are very expensive. 
B)  Fingerprint recognition is easily deceived. 
C)  Fingerprint recognition is rarely used. 
D)  All of the above

Question 13

A(n) ________ is a statement from Firm A that Firm B should accept as true if Firm B trusts Firm A.

Accepted Answer

A)  certification 
B)  assertion 
C)  certificate 
D)  attribute 
A)  certification 
B)  assertion 
C)  certificate 
D)  attribute

Question 14

The template is based on ________ generated during the enrollment scan.

Accepted Answer

A)  scan data 
B)  key features 
C)  Both A and B 
D)  Neither A nor B 
A)  scan data 
B)  key features 
C)  Both A and B 
D)  Neither A nor B

Question 15

A private key/public key pair is usually created by the ________.

Accepted Answer

A)  client 
B)  PKI server 
C)  Both A and B 
D)  Neither A nor B 
A)  client 
B)  PKI server 
C)  Both A and B 
D)  Neither A nor B

Question 16

Which of the following is not one of the rules for working in secure areas?

Accepted Answer

A)  Unsupervised work in secure areas should be avoided. 
B)  When no one is in a secure area, it should be locked and verified periodically. 
C)  No one should be allowed to work in secure areas for more than four hours in a row. 
D)  Electronic devices that can record or copy mass amounts of information should be forbidden in secure areas. 
A)  Unsupervised work in secure areas should be avoided. 
B)  When no one is in a secure area, it should be locked and verified periodically. 
C)  No one should be allowed to work in secure areas for more than four hours in a row. 
D)  Electronic devices that can record or copy mass amounts of information should be forbidden in secure areas.

Question 17

When assigning initial permissions, it is good to add more permissions than strictly necessary and then remove permissions if appropriate.

Accepted Answer

A) True 
 B)False

Question 18

Fingerprint recognition should be used as a security measure for access to ________.

Accepted Answer

A)  a non-essential supply cabinet 
B)  a notebook containing sensitive information 
C)  Both A and B 
D)  Neither A nor B 
A)  a non-essential supply cabinet 
B)  a notebook containing sensitive information 
C)  Both A and B 
D)  Neither A nor B

Question 19

Self-service identity management should be used to change a ________ in the identity database.

Accepted Answer

A)  password 
B)  telephone number 
C)  Both A and B 
D)  Neither A nor B 
A)  password 
B)  telephone number 
C)  Both A and B 
D)  Neither A nor B

Question 20

The principle of ________ states that each person should only get the permissions that he or she absolutely needs to do his or her job.

Accepted Answer

A)  appropriate authorizations 
B)  least permissions 
C)  minimization 
D)  All of the above. 
A)  appropriate authorizations 
B)  least permissions 
C)  minimization 
D)  All of the above.

If a laptop needs to be taken off premises, ________.

Giving a user permissions to use a certain resource is ________.

Iris scanning usually is done surreptitiously.

Identification requires more matches against templates than does verification.

In biometric, a match occurs when a ________ meets the decision criteria.

From a security viewpoint, a false acceptance is always worse than a false rejection.

The main standards used by firms to send security assertions to one another is LDAP.

Users should select very long and complex passwords and use the same password at all sites for auditability.

In Kerberos, the ________ is an encrypted session key that only the verifier can decrypt.

In federated identity management, firms ________.

In Active Directory, a domain controller contains ________.

Which of the following statements accurately describes fingerprint recognition?

A(n) ________ is a statement from Firm A that Firm B should accept as true if Firm B trusts Firm A.

The template is based on ________ generated during the enrollment scan.

A private key/public key pair is usually created by the ________.

Which of the following is not one of the rules for working in secure areas?

When assigning initial permissions, it is good to add more permissions than strictly necessary and then remove permissions if appropriate.

Fingerprint recognition should be used as a security measure for access to ________.

Self-service identity management should be used to change a ________ in the identity database.

The principle of ________ states that each person should only get the permissions that he or she absolutely needs to do his or her job.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Firewalls

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters

Exam 5: Access Control

If a laptop needs to be taken off premises, ________.

Giving a user permissions to use a certain resource is ________.

Iris scanning usually is done surreptitiously.

Identification requires more matches against templates than does verification.

In biometric, a match occurs when a ________ meets the decision criteria.

From a security viewpoint, a false acceptance is always worse than a false rejection.

The main standards used by firms to send security assertions to one another is LDAP.

Users should select very long and complex passwords and use the same password at all sites for auditability.

In Kerberos, the ________ is an encrypted session key that only the verifier can decrypt.

In federated identity management, firms ________.

In Active Directory, a domain controller contains ________.

Which of the following statements accurately describes fingerprint recognition?

A(n) ________ is a statement from Firm A that Firm B should accept as true if Firm B trusts Firm A.

The template is based on ________ generated during the enrollment scan.

A private key/public key pair is usually created by the ________.

Which of the following is not one of the rules for working in secure areas?

When assigning initial permissions, it is good to add more permissions than strictly necessary and then remove permissions if appropriate.

Fingerprint recognition should be used as a security measure for access to ________.

Self-service identity management should be used to change a ________ in the identity database.

The principle of ________ states that each person should only get the permissions that he or she absolutely needs to do his or her job.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Firewalls

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters