Prog-350 Review Questions Chapters 9-11

60 Questions | By MrsQ

Questions and Answers

  • 1. 
    A RADIUS authentication server requires that the _____ be authenticated first.
    • A. 

      Authentication server

    • B. 

      Supplicant

    • C. 

      Authenticator

    • D. 

      User


  • 2. 
    Each of the following makes up the AAA elements in network security except _______.
    • A. 

      Controlling access to network resources (authentication)

    • B. 

      Enforcing security policies (authorization)

    • C. 

      Determining user need (analyzing)

    • D. 

      Auditing usage (accounting)


  • 3. 
    With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.
    • A. 

      RDAP

    • B. 

      DAP

    • C. 

      RADIUS

    • D. 

      AAA


  • 4. 
    _____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
    • A. 

      IEEE 802.1x

    • B. 

      RADIUS

    • C. 

      Kerberos

    • D. 

      LDAP


  • 5. 
    The version of the X.500 standard that runs on a personal computer over TCP/IP is _____.
    • A. 

      DAP

    • B. 

      LDAP

    • C. 

      IEEE X.501

    • D. 

      Lite RDAP


  • 6. 
    A user entering her user name would correspond to the _____ action in access control.
    • A. 

      Authentication

    • B. 

      Identification

    • C. 

      Authorization

    • D. 

      Access


  • 7. 
    A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.
    • A. 

      Object

    • B. 

      Subject

    • C. 

      Resource

    • D. 

      Operation check


  • 8. 
    The individual who periodically reviews security settings and maintains records of access by users is called the _____.
    • A. 

      Supervisor

    • B. 

      Owner

    • C. 

      Custodian

    • D. 

      Manager


  • 9. 
    In the _____ model, the end user cannot change any security settings.
    • A. 

      Discretionary Access Control

    • B. 

      Security Access Control

    • C. 

      Mandatory Access Control

    • D. 

      Restricted Access Control


  • 10. 
    Rule Based Access Control _____.
    • A. 

      Is considered obsolete today

    • B. 

      Dynamically assigns roles to subjects based on rules

    • C. 

      Is considered a real-world approach by linking a user’s job function with security

    • D. 

      Requires that a custodian set all rules


  • 11. 
    Separation of duties requires that _____.
    • A. 

      Processes should be divided between two or more individuals

    • B. 

      End users cannot set security for themselves

    • C. 

      Managers must monitor owners for security purposes

    • D. 

      Jobs be rotated among different individuals


  • 12. 
    _____ in access control means that if a condition is not explicitly met then access is to be rejected.
    • A. 

      Denial of duties

    • B. 

      Implicit deny

    • C. 

      Explicit rejection

    • D. 

      Prevention control


  • 13. 
    A(n) _____ is a set of permissions that is attached to an object.
    • A. 

      Access control list (ACL)

    • B. 

      Subject Access Entity (SAE)

    • C. 

      Object modifier

    • D. 

      Security entry designator


  • 14. 
    _____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
    • A. 

      Windows Register Settings

    • B. 

      Group Policy

    • C. 

      Resource Allocation Entities

    • D. 

      AD Management Services (ADMS)


  • 15. 
    A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
    • A. 

      SQL/LDAP insert attack

    • B. 

      Modified Trojan attack

    • C. 

      LDAP injection attack

    • D. 

      RBASE plug-in attack


  • 16. 
    The least restrictive access control model is _____.
    • A. 

      Role Based Access Control (RBAC)

    • B. 

      Mandatory Access Control (MAC)

    • C. 

      Discretionary Access Control (DAC)

    • D. 

      Rule Based Access Control (RBAC)


  • 17. 
    The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
    • A. 

      Enterprise Security

    • B. 

      Least privilege

    • C. 

      Deny all

    • D. 

      Mandatory Limitations


  • 18. 
    A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
    • A. 

      Owner

    • B. 

      Custodian

    • C. 

      End user

    • D. 

      Administrator


  • 19. 
    In the Mandatory Access Control (MAC) model, every subject and object _____.
    • A. 

      Is restricted and cannot be accessed

    • B. 

      Is assigned a label

    • C. 

      Can be changed by the owner

    • D. 

      Must be given a number from 200–900


  • 20. 
    A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
    • A. 

      Orphaned

    • B. 

      Limbo

    • C. 

      Static

    • D. 

      Dormant


  • 21. 
    Each of the following is a type of authentication credential except _______.
    • A. 

      What you have

    • B. 

      What you are

    • C. 

      What you discover

    • D. 

      What you know


  • 22. 
    Which of the following is not a reason why users create weak passwords?
    • A. 

      A lengthy and complex password can be difficult to memorize.

    • B. 

      A security policy requires a password to be changed regularly.

    • C. 

      Having multiple passwords makes it hard to remember all of them.

    • D. 

      Most sites force users to create weak passwords although they do not want to.


  • 23. 
    Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?
    • A. 

      Resetting

    • B. 

      Capturing

    • C. 

      Social engineering

    • D. 

      Online guessing


  • 24. 
    What is a hybrid attack?
    • A. 

      An attack that combines a dictionary attack with an online guessing attack

    • B. 

      A brute force attack that uses special tables

    • C. 

      An attack that slightly alters dictionary words

    • D. 

      An attack that uses both automated and user input


  • 25. 
    Each of the following is a step in creating a strong password except _______.
    • A. 

      Use a short password so the computer can process it more quickly

    • B. 

      Avoid using phonetic words

    • C. 

      Do not use sequences

    • D. 

      Do not use personal information


  • 26. 
    A token code is valid _______.
    • A. 

      For as long as it appears on the device

    • B. 

      For up to 1 hour

    • C. 

      Only for the user who possesses the device

    • D. 

      If it is longer than 8 characters


  • 27. 
    A token system that requires the user to enter the code along with a PIN is called a _______.
    • A. 

      Single-factor authentication system

    • B. 

      Dual-prong verification system

    • C. 

      Multi-factor authentication system

    • D. 

      Token-passing authentication system


  • 28. 
    A _____ is a U.S. Department of Defense (DoD) smart card that is used for identification for active-duty and reserve military personnel.
    • A. 

      Personal Identity Verification (PIV) card

    • B. 

      Government Smart Card (GSC)

    • C. 

      Secure ID Card (SIDC)

    • D. 

      Common Access Card (CAC)


  • 29. 
    Keystroke dynamics is an example of _____ biometrics.
    • A. 

      Resource

    • B. 

      Cognitive

    • C. 

      Adaptive

    • D. 

      Behavioral


  • 30. 
    Creating a pattern of when and from where a user accesses a remote Web account is an example of ________.
    • A. 

      Time-Location Resource Monitoring (TLRM)

    • B. 

      Keystroke dynamics

    • C. 

      Cognitive biometrics

    • D. 

      Computer footprinting


  • 31. 
    _____ is a decentralized open source FIM that does not require specific software to be installed on the desktop.
    • A. 

      SSO Login Resource (SSO-LR)

    • B. 

      Windows CardSpace

    • C. 

      OpenID

    • D. 

      Windows Live ID


  • 32. 
    Which of the following human characteristics cannot be used for biometric identification?
    • A. 

      Face

    • B. 

      Weight

    • C. 

      Fingerprint

    • D. 

      Retina


  • 33. 
    _____ biometrics is related to the perception, thought processes, and understanding of the user.
    • A. 

      Standard

    • B. 

      Intelligent

    • C. 

      Behavioral

    • D. 

      Cognitive


  • 34. 
    Using one authentication credential to access multiple accounts or applications is known as _______.
    • A. 

      Credentialization

    • B. 

      Identification authentication

    • C. 

      Single sign-on

    • D. 

      Federal login


  • 35. 
    A disadvantage of biometric readers is _______.
    • A. 

      Speed

    • B. 

      Size

    • C. 

      Cost

    • D. 

      Standards


  • 36. 
    Which single sign-on (SSO) technology depends upon tokens?
    • A. 

      OAuth

    • B. 

      CardSpace

    • C. 

      OpenID

    • D. 

      All SSO technologies use tokens.


  • 37. 
    Why should the account lockout threshold not be set too low?
    • A. 

      It could decrease calls to the help desk.

    • B. 

      Because the network administrator would then have to manually reset the account.

    • C. 

      So the user would not have to wait too long to have their password reset.

    • D. 

      It could result in denial of service (DoS) attacks.


  • 38. 
    Which of the following is NOT a flaw in standard operating systems?
    • A. 

      Operating systems by default use the principle of least privilege.

    • B. 

      Operating systems are complex programs with millions of lines of code that make vulnerabilities extremely difficult to recognize.

    • C. 

      Operating systems do not isolate applications from one another so that one application that is compromised can impact the entire computer.

    • D. 

      Operating systems cannot create a trusted path between users and applications.


  • 39. 
    An operating system that is designed to be secure by controlling critical parts of it to limit access from attackers and administrators is a _______.
    • A. 

      Secure OS

    • B. 

      Trustworthy OS

    • C. 

      Managed OS

    • D. 

      Trusted OS


  • 40. 
    Which technique would prevent an attacker from China from logging into a user’s account at 4:00 AM?
    • A. 

      Computer footprinting

    • B. 

      OpenAuthorization

    • C. 

      Cognitive biometrics

    • D. 

      Internet Throttling


  • 41. 
    What is data called that is to be encrypted by inputting into an encryption algorithm?
    • A. 

      Plaintext

    • B. 

      Cleartext

    • C. 

      Opentext

    • D. 

      Ciphertext


  • 42. 
    Which of the following is not a basic security protection over information that cryptography can provide?
    • A. 

      Confidentiality

    • B. 

      Stop loss

    • C. 

      Integrity

    • D. 

      Authenticity


  • 43. 
    The areas of a file in which steganography can hide data include all of the following except ______.
    • A. 

      In data that is used to describe the content or structure of the actual data

    • B. 

      In the directory structure of the file system

    • C. 

      In the file header fields that describe the file

    • D. 

      In areas that contain the content data itself


  • 44. 
    Proving that a user sent an e-mail message is known as ______.
    • A. 

      Repudiation

    • B. 

      Integrity

    • C. 

      Non-repudiation

    • D. 

      Availability


  • 45. 
    Symmetric cryptographic algorithms are also called ______.
    • A. 

      Private key cryptography

    • B. 

      Cipherkey cryptography

    • C. 

      Public/private key cryptography

    • D. 

      Public key cryptography


  • 46. 
    A(n) _____ is not decrypted but is only used for comparison purposes.
    • A. 

      Stream

    • B. 

      Hash

    • C. 

      Algorithm

    • D. 

      Key


  • 47. 
    Each of the following is a characteristic of a secure hash algorithm except _______.
    • A. 

      Collisions should be rare

    • B. 

      The results of a hash function should not be reversed

    • C. 

      The hash should always be the same fixed size

    • D. 

      A message cannot be produced from a predefined hash


  • 48. 
    Hashing would not be used in which of the following examples?
    • A. 

      Bank automatic teller machine (ATM)

    • B. 

      Encrypting and decrypting e-mail attachments

    • C. 

      Verifying a user password entered on a Linux system

    • D. 

      Determining the integrity of a message


  • 49. 
    _____ encrypts a hash with a shared secret key.
    • A. 

      Key_hash

    • B. 

      WEP

    • C. 

      MDRIPE

    • D. 

      Hashed Message Authentication Code (HMAC)


  • 50. 
    Which of the following is a protection provided by hashing?
    • A. 

      Authenticity

    • B. 

      Confidentiality

    • C. 

      Integrity

    • D. 

      Availability


  • 51. 
    _____ is a hash that uses two different and independent parallel chains of computation, the results of which are then combined at the end of the process.
    • A. 

      DES

    • B. 

      AES

    • C. 

      RC4

    • D. 

      RIPEMD


  • 52. 
    Which of the following is the strongest symmetric cryptographic algorithm?
    • A. 

      Advanced Encryption Standard

    • B. 

      Data Encryption Standard

    • C. 

      Triple Data Encryption Standard

    • D. 

      Rivest Cipher (RC)


  • 53. 
    If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, the key he uses to encrypt the message is _______.
    • A. 

      Alice’s private key

    • B. 

      Alice’s public key

    • C. 

      Bob’s public key

    • D. 

      Bob’s private key


  • 54. 
    A digital signature can provide each of the following benefits except ______.
    • A. 

      Prove the integrity of the message

    • B. 

      Verify the receiver

    • C. 

      Verify the sender

    • D. 

      Enforce non-repudiation


  • 55. 
    Which of the following asymmetric cryptographic algorithms is the most secure?
    • A. 

      MEC-2

    • B. 

      RSA

    • C. 

      MD-17

    • D. 

      SHA-2


  • 56. 
    Which of the following asymmetric encryption algorithms uses prime numbers?
    • A. 

      EFS

    • B. 

      Quantum computing

    • C. 

      ECC

    • D. 

      RSA


  • 57. 
    _____ uses lattice-based cryptography and may be more resistant to quantum computing attacks.
    • A. 

      NTRUEncrypt

    • B. 

      ECC

    • C. 

      RC4

    • D. 

      SHA-512


  • 58. 
    The Trusted Platform Module (TPM) _____.
    • A. 

      Allows the user to boot a corrupted disk and repair it

    • B. 

      Is only available on Windows computers running BitLocker

    • C. 

      Includes a pseudorandom number generator (PRNG)

    • D. 

      Provides cryptographic services in hardware instead of software


  • 59. 
    Which of the following has an onboard key generator and key storage facility, accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?
    • A. 

      Trusted Platform Module (TPM)

    • B. 

      Self-encrypting hard disk drives (HDDs)

    • C. 

      Encrypted hardware-based USB devices

    • D. 

      Hardware Security Module (HSM)


  • 60. 
    The Microsoft Windows LAN Manager hash ______.
    • A. 

      Is weaker than NTLMv2

    • B. 

      Is part of BitLocker

    • C. 

      Is required to be present when using TPM

    • D. 

      Is identical to MD-4

