Deck 3: User Authentication

User authentication is a procedure that allows communicating parties to
verify that the contents of a received message have not been altered and that the source is authentic.

Keylogging is a form of host attack.

A good technique for choosing a password is to use the first letter of
each word of a phrase.

Identifiers should be assigned carefully because authenticated
identities are the basis for other security services.

An individual's signature is not unique enough to use in biometric
applications.

Enrollment creates an association between a user and the user's
biometric characteristics.

A smart card contains an entire microprocessor.

User authentication is the fundamental building block and the primary
line of defense.

Identification is the means of establishing the validity of a claimed
identity provided by a user.

Depending on the application,user authentication on a biometric
system involves either verification or identification.

Memory cards store and process data.

In a biometric scheme some physical characteristic of the individual is
mapped into a digital representation.

Depending on the details of the overall authentication
system,the registration authority issues some sort of electronic credential to the subscriber.

User authentication is the basis for most types of access control and for
user accountability.

A host generated random number is often called a __________.

The __________ is the pattern formed by veins beneath the retinal surface.

The technique for developing an effective and efficient proactive password checker based on rejecting words on a list is based on the use of a __________ filter.

A __________ is a separate file from the user IDs where hashed passwords are kept.

Authentication protocols used with smart tokens can be classified into three categories: static,dynamic password generator,and ___________.

A __________ authentication system attempts to authenticate an individual based on his or her unique physical characteristics.

With the __________ policy a user is allowed to select their own password,but the system checks to see if the password is allowable.

Objects that a user possesses for the purpose of user authentication are called ______

An authentication process consists of the _________ step and the verification step.

Voice pattern,handwriting characteristics,and typing rhythm are examples of __________ biometrics.

A __________ is an individual to whom a debit card is issued.

A __________ attack attempts to disable a user authentication service by flooding the service with numerous authentication attempts.

In a __________ attack,an application or physical device masquerades as an authentic application or device for the purpose of capturing a user password,passcode,or biometric.

The __________ step is presenting or generating authentication information that corroborates the binding between the entity and the identifier.

__________,in the context of passwords,refers to an adversary's attempt to learn the password by observing the user,finding a written copy of the password,or some similar attack that involves the physical proximity of user and adversary.