Question 1

What can be used to increase the strength of hashed passwords?

Accepted Answer

A) salt 
B) key stretching 
C) double hashing 
D) single crypting 
A) salt 
B) key stretching 
C) double hashing 
D) single crypting A

Question 2

Which of the following are key stretching password hash algorithms? (Choose all that apply. )

Accepted Answer

A) bcrypt 
B) PBKDF2 
C) seq02 
D) SHA-256 
A) bcrypt 
B) PBKDF2 
C) seq02 
D) SHA-256 A,B

Question 3

Hash algorithms like MD5 and SHA are considered secure for creating digests because these hashing algorithms are designed to create a digest as strong as possible.

Accepted Answer

A) True 
 B)False  False

Question 4

Discuss the types of shortcuts that users take to help them recall their passwords.

Accepted Answer

Because of the burdens that passwords pl

Question 5

What federation system technology uses federation standards to provide SSO and exchanging attributes?

Accepted Answer

A) OAuth 
B) Open ID Connect 
C) Windows Live ID 
D) Shibboleth 
A) OAuth 
B) Open ID Connect 
C) Windows Live ID 
D) Shibboleth

Question 6

Keystroke dynamics uses two unique typing variables.

Accepted Answer

A) True 
 B)False

Question 7

What option below represents an example of behavioral biometrics?

Accepted Answer

A) user dynamics 
B) keystroke dynamics 
C) facial recognition 
D) fingerprint recognition 
A) user dynamics 
B) keystroke dynamics 
C) facial recognition 
D) fingerprint recognition

Question 8

What term best describes managing the login credentials such as passwords in user accounts?

Accepted Answer

A) account management 
B) user management 
C) credential management 
D) password management 
A) account management 
B) user management 
C) credential management 
D) password management

Question 9

What type of attack involves using every possible combination of letters,numbers,and characters to create candidate digests that are then matched against those in a stolen digest file?

Accepted Answer

A) Space division 
B) Brute force 
C) Known ciphertext 
D) Known plaintext 
A) Space division 
B) Brute force 
C) Known ciphertext 
D) Known plaintext

Question 10

Which type of biometrics is based on the perception,thought process,and understanding of the user?

Accepted Answer

A) cognitive biometrics 
B) reactive biometrics 
C) standard biometrics 
D) physical biometrics 
A) cognitive biometrics 
B) reactive biometrics 
C) standard biometrics 
D) physical biometrics

Question 11

Most password attacks today are an offline attack.

Accepted Answer

A) True 
 B)False

Question 12

Why should account passwords be disabled instead of the account being immediately deleted?

Accepted Answer

Account passwords should be disabled (ma

Question 13

Which of the following account lockout policy settings determines the number of failed login attempts before a lockout occurs?

Accepted Answer

A) system lockout threshold 
B) account lockout threshold 
C) administrator lockout threshold 
D) user lockout threshold 
A) system lockout threshold 
B) account lockout threshold 
C) administrator lockout threshold 
D) user lockout threshold

Question 14

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack,and will slightly alter dictionary words by adding numbers to the end of the password,spelling words backward,slightly misspelling words,or including special characters?

Accepted Answer

A) brute force 
B) hash replay 
C) network replay 
D) hybrid 
A) brute force 
B) hash replay 
C) network replay 
D) hybrid

Question 15

Passwords provide strong protection.

Accepted Answer

A) True 
 B)False

Question 16

What type of authentication is based on what the user has?

Accepted Answer

A) software token 
B) hardware token 
C) security token 
D) identity token 
A) software token 
B) hardware token 
C) security token 
D) identity token

Question 17

A hardware security token is typically a small device with a window display.

Accepted Answer

A) True 
 B)False

Question 18

The use of what item below involves the creation of a large pre-generated data set of candidate digests?

Accepted Answer

A) rainbow tables 
B) randomized character list 
C) word list 
D) cascade tables 
A) rainbow tables 
B) randomized character list 
C) word list 
D) cascade tables

Question 19

Describe how rainbow tables work.

Accepted Answer

Rainbow tables make password attacks eas

Question 20

Which of the following options prevents a logon after a set number of failed logon attempts within a specified period and can also specify the length of time that the lockout is in force?

Accepted Answer

A) password lock 
B) logon lock 
C) password lockout 
D) logon lockout 
A) password lock 
B) logon lock 
C) password lockout 
D) logon lockout

What can be used to increase the strength of hashed passwords?

Which of the following are key stretching password hash algorithms? (Choose all that apply. )

Hash algorithms like MD5 and SHA are considered secure for creating digests because these hashing algorithms are designed to create a digest as strong as possible.

Discuss the types of shortcuts that users take to help them recall their passwords.

What federation system technology uses federation standards to provide SSO and exchanging attributes?

Keystroke dynamics uses two unique typing variables.

What option below represents an example of behavioral biometrics?

What term best describes managing the login credentials such as passwords in user accounts?

What type of attack involves using every possible combination of letters,numbers,and characters to create candidate digests that are then matched against those in a stolen digest file?

Which type of biometrics is based on the perception,thought process,and understanding of the user?

Most password attacks today are an offline attack.

Why should account passwords be disabled instead of the account being immediately deleted?

Which of the following account lockout policy settings determines the number of failed login attempts before a lockout occurs?

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack,and will slightly alter dictionary words by adding numbers to the end of the password,spelling words backward,slightly misspelling words,or including special characters?

Passwords provide strong protection.

What type of authentication is based on what the user has?

A hardware security token is typically a small device with a window display.

The use of what item below involves the creation of a large pre-generated data set of candidate digests?

Describe how rainbow tables work.

Which of the following options prevents a logon after a set number of failed logon attempts within a specified period and can also specify the length of time that the lockout is in force?

Introduction to Security

Malware and Social Engineering Attacks

Basic Cryptography

Advanced Cryptography and PKI

Networking and Server Attacks

Network Security Devices, Design, and Technology

Administering a Secure Network

Wireless Network Security

Client and Application Security

Mobile and Embedded Device Security

Access Management

Vulnerability Assessment and Data Security

Business Continuity

Risk Mitigation

Filters

Exam 11: Authentication and Account Management

What can be used to increase the strength of hashed passwords?

Which of the following are key stretching password hash algorithms? (Choose all that apply. )

Hash algorithms like MD5 and SHA are considered secure for creating digests because these hashing algorithms are designed to create a digest as strong as possible.

Discuss the types of shortcuts that users take to help them recall their passwords.

What federation system technology uses federation standards to provide SSO and exchanging attributes?

Keystroke dynamics uses two unique typing variables.

What option below represents an example of behavioral biometrics?

What term best describes managing the login credentials such as passwords in user accounts?

What type of attack involves using every possible combination of letters,numbers,and characters to create candidate digests that are then matched against those in a stolen digest file?

Which type of biometrics is based on the perception,thought process,and understanding of the user?

Most password attacks today are an offline attack.

Why should account passwords be disabled instead of the account being immediately deleted?

Which of the following account lockout policy settings determines the number of failed login attempts before a lockout occurs?

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack,and will slightly alter dictionary words by adding numbers to the end of the password,spelling words backward,slightly misspelling words,or including special characters?

Passwords provide strong protection.

What type of authentication is based on what the user has?

A hardware security token is typically a small device with a window display.

The use of what item below involves the creation of a large pre-generated data set of candidate digests?

Describe how rainbow tables work.

Which of the following options prevents a logon after a set number of failed logon attempts within a specified period and can also specify the length of time that the lockout is in force?

Introduction to Security

Malware and Social Engineering Attacks

Basic Cryptography

Advanced Cryptography and PKI

Networking and Server Attacks

Network Security Devices, Design, and Technology

Administering a Secure Network

Wireless Network Security

Client and Application Security

Mobile and Embedded Device Security

Access Management

Vulnerability Assessment and Data Security

Business Continuity

Risk Mitigation

Filters