Each of the following make up the AAA elements in network security except _______.

determining user need (analyzing)

controlling access to network resources (authentication)

enforcing security policies (authorization)

determining user need (analyzing)

Rule Based Access Control _____.

dynamically assigns roles to subjects based on rules

is considered a real-world approach by linking a user’s job function with security

requires that a custodian set all rules

Separation of duties requires that _____.

processes should be divided between two or more individuals

end users cannot set security for themselves

managers must monitor owners for security purposes

jobs be rotated among different individuals

The least restrictive access control model is _____.

Discretionary Access Control (DAC)

Role Based Access Control (RBAC)

Discretionary Access Control (DAC)

Rule Based Access Control (RBAC)

In the Mandatory Access Control (MAC) model, every subject and object _____.

is restricted and cannot be accessed

must be given a number from 200–900

Which of the following is not a reason why users create weak passwords?

Most sites force users to create weak passwords although they do not want to.

A lengthy and complex password can be difficult to memorize.

A security policy requires a password to be changed regularly.

Having multiple passwords makes it hard to remember all of them.

Most sites force users to create weak passwords although they do not want to.

What is a hybrid attack?

An attack that slightly alters dictionary words

An attack that combines a dictionary attack with an online guessing attack

A brute force attack that uses special tables

An attack that slightly alters dictionary words

An attack that uses both automated and user input

Each of the following is a step in creating a strong password except _______.

use a short password so the computer can process it more quickly

do not use personal information

Institute Of Electrical And Electronics Engineers IEEE Quiz

Approved & Edited by ProProfs Editorial Team

At ProProfs Quizzes, our dedicated in-house team of experts takes pride in their work. With a sharp eye for detail, they meticulously review each quiz. This ensures that every quiz, taken by over 100 million users, meets our standards of accuracy, clarity, and engagement.

Learn about Our Editorial Process

| Written by MrsQ

MrsQ

Community Contributor

Quizzes Created: 5 | Total Attempts: 2,798

Questions: 60 | Attempts: 405 | Updated: Mar 21, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

Questions and Answers

1.

A RADIUS authentication server requires that the _____ be authenticated first.authentication server.
- A.
  
  Authentication server
- B.
  
  Supplicant
- C.
  
  Authenticator
- D.
  
  User
Correct Answer
B. Supplicant

Explanation
A RADIUS authentication server requires that the supplicant be authenticated first. The supplicant refers to the client device or user that is attempting to gain access to the network. Before the authentication server grants access, it verifies the identity of the supplicant to ensure that it is authorized to connect to the network. This is a common practice in network security to prevent unauthorized access and protect the integrity of the network.

Rate this question:
2.

Each of the following make up the AAA elements in network security except _______.
- A.
  
  Controlling access to network resources (authentication)
- B.
  
  Enforcing security policies (authorization)
- C.
  
  Determining user need (analyzing)
- D.
  
  Auditing usage (accounting)
Correct Answer
C. Determining user need (analyzing)

Explanation
The AAA elements in network security refer to authentication, authorization, and accounting. These elements are crucial for ensuring the security of network resources. Authentication involves controlling access to network resources by verifying the identity of users. Authorization is the process of enforcing security policies and determining what actions users are allowed to perform. Accounting involves auditing usage and keeping track of user activities. However, determining user need (analyzing) is not a part of the AAA elements in network security. This means that it is not directly related to the process of authentication, authorization, and accounting in network security.

Rate this question:
3.

With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.
- A.
  
  RDAP
- B.
  
  DAP
- C.
  
  RADIUS
- D.
  
  AAA
Correct Answer
C. RADIUS

Explanation
With the development of IEEE 802.1x port security, the authentication server RADIUS has seen even greater usage. RADIUS (Remote Authentication Dial-In User Service) is a widely used protocol that provides centralized authentication, authorization, and accounting management for users who connect and access network resources. As IEEE 802.1x port security has become more prevalent, the need for a robust and scalable authentication server like RADIUS has increased, making it the correct answer in this context.

Rate this question:
4.

_____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
- A.
  
  IEEE 802.1x
- B.
  
  RADIUS
- C.
  
  Kerberos
- D.
  
  LDAP
Correct Answer
C. Kerberos

Explanation
Kerberos is an authentication protocol that is available as a free download and can be run on various operating systems such as Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux. It provides secure authentication for client-server applications and ensures that only authorized users can access network resources.

Rate this question:
5.

The version of the X.500 standard that runs on a personal computer over TCP/IP is_____.
- A.
  
  DAP
- B.
  
  LDAP
- C.
  
  IEEE X.501
- D.
  
  Lite RDAP
Correct Answer
B. LDAP

Explanation
LDAP stands for Lightweight Directory Access Protocol. It is the version of the X.500 standard that runs on a personal computer over TCP/IP. LDAP is a protocol used to access and manage directory information services. It provides a lightweight and efficient way to query and modify directory data, making it suitable for use on personal computers.

Rate this question:
6.

A user entering her user name would correspond to the _____ action in access control.
- A.
  
  Authentication
- B.
  
  Identification
- C.
  
  Authorization
- D.
  
  Access
Correct Answer
B. Identification

Explanation
When a user enters her username, it corresponds to the identification action in access control. Identification is the process of verifying the identity of a user by providing a unique identifier, such as a username. This step is important in access control as it allows the system to recognize and differentiate between different users. Once the user is identified, further actions such as authentication and authorization can take place to determine the user's privileges and access rights.

Rate this question:
7.

A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.
- A.
  
  Object
- B.
  
  Subject
- C.
  
  Resource
- D.
  
  Operation check
Correct Answer
B. Subject

Explanation
A process functioning on behalf of the user that attempts to access a file is known as a subject. The subject is the entity that performs actions or operations on resources, such as files, in a computer system. In this case, the process is acting as the subject by trying to access the file.

Rate this question:
8.

The individual who periodically reviews security settings and maintains records of access by users is called the _____.
- A.
  
  Supervisor
- B.
  
  Owner
- C.
  
  Custodian
- D.
  
  Manager
Correct Answer
C. Custodian

Explanation
A custodian is responsible for periodically reviewing security settings and maintaining records of access by users. They ensure that the appropriate security measures are in place and monitor user activity to ensure compliance with security protocols. The custodian plays a crucial role in maintaining the integrity and confidentiality of the system by regularly reviewing and updating security settings and keeping accurate records of user access.

Rate this question:
9.

In the _____ model, the end user cannot change any security settings.
- A.
  
  Discretionary Access Control
- B.
  
  Security Access Control
- C.
  
  Mandatory Access Control
- D.
  
  Restricted Access Control
Correct Answer
C. Mandatory Access Control

Explanation
Mandatory Access Control (MAC) is a model where the end user does not have the ability to change any security settings. In this model, access to resources is determined by the system administrator or security policy, rather than being discretionary. This ensures that the user cannot modify or override the security settings, providing a higher level of control and protection for sensitive information or resources.

Rate this question:
10.

Rule Based Access Control _____.
- A.
  
  Is considered obsolete today
- B.
  
  Dynamically assigns roles to subjects based on rules
- C.
  
  Is considered a real-world approach by linking a user’s job function with security
- D.
  
  Requires that a custodian set all rules
Correct Answer
B. Dynamically assigns roles to subjects based on rules

Explanation
Rule Based Access Control (RBAC) is a method of access control that dynamically assigns roles to subjects based on rules. This means that instead of manually assigning permissions to individual users, RBAC automatically assigns roles to users based on their job function or other criteria. This approach is considered efficient and scalable, as it allows for easy management of access control in large organizations with numerous users and complex permissions requirements. It is a widely used and effective approach in today's security systems.

Rate this question:
11.

Separation of duties requires that _____.
- A.
  
  Processes should be divided between two or more individuals
- B.
  
  End users cannot set security for themselves
- C.
  
  Managers must monitor owners for security purposes
- D.
  
  Jobs be rotated among different individuals
Correct Answer
A. Processes should be divided between two or more individuals

Explanation
Separation of duties is a principle that ensures that no single individual has complete control over a process or system. By dividing processes between two or more individuals, it helps to prevent fraud, errors, and abuse of power. This ensures that there is a system of checks and balances in place, as different individuals are responsible for different aspects of a process. This helps to increase accountability and reduce the risk of unauthorized actions or mistakes.

Rate this question:
12.

_____ in access control means that if a condition is not explicitly met then access is to be rejected.
- A.
  
  Denial of duties
- B.
  
  Implicit deny
- C.
  
  Explicit rejection
- D.
  
  Prevention control
Correct Answer
B. Implicit deny

Explanation
Implicit deny in access control means that if a condition is not explicitly met, access is to be rejected. This means that unless a user is specifically granted access to a resource, they are automatically denied access by default. Implicit deny acts as a safeguard, ensuring that only authorized individuals are granted access to sensitive information or resources.

Rate this question:
13.

A(n) _____ is a set of permissions that is attached to an object.
- A.
  
  Access control list (ACL)
- B.
  
  Subject Access Entity (SAE)
- C.
  
  Object modifier
- D.
  
  Security entry designator
Correct Answer
A. Access control list (ACL)

Explanation
An access control list (ACL) is a set of permissions that is attached to an object. It specifies which users or groups are granted access to the object and what level of access they have. It is a commonly used method for controlling access to resources in computer systems and networks.

Rate this question:
14.

_____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
- A.
  
  Windows Register Settings
- B.
  
  Group Policy
- C.
  
  Resource Allocation Entities
- D.
  
  AD Management Services (ADMS)
Correct Answer
B. Group Policy

Explanation
Group Policy is a Microsoft Windows feature that allows centralized management and configuration of computers and remote users who are using Active Directory. It enables administrators to define and enforce settings and restrictions for users and computers within a network. With Group Policy, administrators can control various aspects such as security settings, software installation, desktop configurations, and more. This helps in maintaining consistency and security across the network by ensuring that all computers and users adhere to the defined policies.

Rate this question:
15.

A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
- A.
  
  SQL/LDAP insert attack
- B.
  
  Modified Trojan attack
- C.
  
  LDAP injection attack
- D.
  
  RBASE plug-in attack
Correct Answer
C. LDAP injection attack

Explanation
An LDAP injection attack is a type of attack where an attacker constructs LDAP statements using user inputs to manipulate the database or retrieve unauthorized information. This type of attack can exploit vulnerabilities in the application's input validation mechanisms and can result in unauthorized access to sensitive data or modification of the database contents.

Rate this question:
16.

The least restrictive access control model is _____.
- A.
  
  Role Based Access Control (RBAC)
- B.
  
  Mandatory Access Control (MAC)
- C.
  
  Discretionary Access Control (DAC)
- D.
  
  Rule Based Access Control (RBAC)
Correct Answer
C. Discretionary Access Control (DAC)

Explanation
Discretionary Access Control (DAC) is the least restrictive access control model because it allows the owner of a resource to determine who can access it and what actions they can perform on it. In DAC, access control decisions are based on the identity and privileges of individual users or groups. This model provides flexibility and user autonomy, as it allows users to grant or revoke access to their resources. In contrast, Mandatory Access Control (MAC) and Rule Based Access Control (RBAC) are more restrictive, as access decisions are based on predefined rules and policies, while RBAC is a more advanced model that assigns access based on roles.

Rate this question:
17.

The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
- A.
  
  Enterprise Security
- B.
  
  Least privilege
- C.
  
  Deny all
- D.
  
  Mandatory Limitations
Correct Answer
B. Least privilege

Explanation
The principle known as "least privilege" in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function. This principle ensures that users have access only to the resources and actions that are essential for their specific tasks, reducing the risk of unauthorized access or misuse of privileges. By limiting privileges to the minimum required, organizations can enhance security and mitigate the potential impact of a compromised user account.

Rate this question:
18.

A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
- A.
  
  Owner
- B.
  
  Custodian
- C.
  
  End user
- D.
  
  Administrator
Correct Answer
A. Owner

Explanation
The owner of the data is the person responsible for the information and determines the level of security needed for it. They have the authority to delegate security duties as required. The owner is ultimately accountable for the protection and confidentiality of the data.

Rate this question:
19.

In the Mandatory Access Control (MAC) model, every subject and object _____.
- A.
  
  Is restricted and cannot be accessed
- B.
  
  Is assigned a label
- C.
  
  Can be changed by the owner
- D.
  
  Must be given a number from 200–900
Correct Answer
B. Is assigned a label

Explanation
In the Mandatory Access Control (MAC) model, every subject and object is assigned a label. This label is used to determine the level of access or permissions that a subject has over an object. The label acts as a security mechanism, ensuring that only authorized subjects can access or modify objects based on their assigned labels.

Rate this question:
20.

A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
- A.
  
  Orphaned
- B.
  
  Limbo
- C.
  
  Static
- D.
  
  Dormant
Correct Answer
D. Dormant

Explanation
A user account that has not been accessed for a lengthy period of time is called a dormant account. This term is used to describe an account that has been inactive and unused for an extended period. It implies that the account is currently not in use and may require reactivation or deletion.

Rate this question:
21.

Each of the following is a type of authentication credential except _______.
- A.
  
  What you have
- B.
  
  What you are
- C.
  
  What you discover
- D.
  
  What you know
Correct Answer
C. What you discover

Explanation
The given answer, "what you discover," is the correct answer because it does not fit the definition of an authentication credential. Authentication credentials are typically something that a person possesses or knows, such as a password, a smart card, or a fingerprint. "What you discover" does not fall into this category and therefore does not qualify as an authentication credential.

Rate this question:
22.

Which of the following is not a reason why users create weak passwords?
- A.
  
  A lengthy and complex password can be difficult to memorize.
- B.
  
  A security policy requires a password to be changed regularly.
- C.
  
  Having multiple passwords makes it hard to remember all of them.
- D.
  
  Most sites force users to create weak passwords although they do not want to.
Correct Answer
D. Most sites force users to create weak passwords although they do not want to.

Explanation
The given answer states that most sites force users to create weak passwords although they do not want to. This is not a reason why users create weak passwords. Users may create weak passwords for various reasons, such as finding it difficult to memorize a lengthy and complex password, having multiple passwords to remember, or being required to change passwords regularly due to a security policy.

Rate this question:
23.

Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?
- A.
  
  Resetting
- B.
  
  Capturing
- C.
  
  Social engineering
- D.
  
  Online guessing
Correct Answer
A. Resetting

Explanation
Resetting passwords typically requires physical access to the computer or device in order to perform the necessary actions to reset the password. This could involve inserting a USB flash drive or using other physical means to gain access to the system. Therefore, the correct answer is "Resetting".

Rate this question:
24.

What is a hybrid attack?
- A.
  
  An attack that combines a dictionary attack with an online guessing attack
- B.
  
  A brute force attack that uses special tables
- C.
  
  An attack that slightly alters dictionary words
- D.
  
  An attack that uses both automated and user input
Correct Answer
C. An attack that slightly alters dictionary words

Explanation
A hybrid attack is an attack that slightly alters dictionary words. This means that instead of using the exact words from a dictionary, the attacker modifies them slightly to try and bypass security measures. This can include adding numbers or symbols to the words, or making small changes to the spelling. By doing this, the attacker increases the chances of successfully guessing passwords or cracking encryption codes.

Rate this question:
25.

Each of the following is a step in creating a strong password except _______.
- A.
  
  Use a short password so the computer can process it more quickly
- B.
  
  Avoid using phonetic words
- C.
  
  Do not use sequences
- D.
  
  Do not use personal information
Correct Answer
A. Use a short password so the computer can process it more quickly

Explanation
The given answer is "use a short password so the computer can process it more quickly". This is because using a short password makes it easier for hackers to guess or crack the password. A strong password should be long and complex, including a combination of uppercase and lowercase letters, numbers, and special characters. This makes it more difficult for hackers to guess or use automated programs to crack the password.

Rate this question:
26.

A token code is valid _______.
- A.
  
  For as long as it appears on the device
- B.
  
  For up to 1 hour
- C.
  
  Only for the user who possesses the device
- D.
  
  If it is longer than 8 characters
Correct Answer
A. For as long as it appears on the device

Explanation
The correct answer is "for as long as it appears on the device." This means that the token code remains valid as long as it is visible or displayed on the device. Once it is no longer visible, it is no longer considered valid.

Rate this question:
27.

A token system that requires the user to enter the code along with a PIN is called a _______.
- A.
  
  Single-factor authentication system
- B.
  
  Dual-prong verification system
- C.
  
  Multi-factor authentication system
- D.
  
  Token-passing authentication system
Correct Answer
C. Multi-factor authentication system

Explanation
A token system that requires the user to enter the code along with a PIN is called a multi-factor authentication system. This is because it combines two factors, something the user knows (the PIN) and something the user has (the token code), to verify the user's identity. By requiring multiple factors, it adds an extra layer of security compared to single-factor authentication systems.

Rate this question:
28.

A _____ is a U.S. Department of Defense (DoD) smart card that is used for identification for active-duty and reserve military personnel.
- A.
  
  Personal Identity Verification (PIV) card
- B.
  
  Government Smart Card (GSC)
- C.
  
  Secure ID Card (SIDC)
- D.
  
  Common Access Card (CAC)
Correct Answer
D. Common Access Card (CAC)

Explanation
The correct answer is Common Access Card (CAC). This smart card is issued by the U.S. Department of Defense and is used for identification purposes by active-duty and reserve military personnel. It allows access to secure facilities and computer networks, and contains personal information and digital certificates to authenticate the cardholder's identity. The CAC is an essential tool for military personnel to prove their identity and gain access to various resources within the Department of Defense.

Rate this question:
29.

Keystroke dynamics is an example of _____ biometrics.
- A.
  
  Resource
- B.
  
  Cognitive
- C.
  
  Adaptive
- D.
  
  Behavioral
Correct Answer
D. Behavioral

Explanation
Keystroke dynamics is an example of behavioral biometrics because it involves analyzing an individual's unique typing patterns and rhythms. It focuses on the behavioral aspect of how a person types, including factors such as typing speed, keystroke duration, and the intervals between keystrokes. By analyzing these behavioral patterns, keystroke dynamics can be used as a biometric authentication method to verify a person's identity.

Rate this question:
30.

Creating a pattern of when and from where a user accesses a remote Web account is an example of ________.
- A.
  
  Time-Location Resource Monitoring (TLRM)
- B.
  
  Keystroke dynamics
- C.
  
  Cognitive biometrics
- D.
  
  Computer footprinting
Correct Answer
D. Computer footprinting

Explanation
Computer footprinting refers to the process of tracking and recording the activities and behaviors of a user on a computer or network. In this scenario, creating a pattern of when and from where a user accesses a remote Web account involves monitoring and recording the user's login times and locations. This information can be used to establish a unique footprint for the user, which can be helpful for security purposes, such as detecting any suspicious or unauthorized access attempts.

Rate this question:
31.

_____ is a decentralized open source FIM that does not require specific software to be installed on the desktop.
- A.
  
  SSO Login Resource (SSO-LR)
- B.
  
  Windows CardSpace
- C.
  
  OpenID
- D.
  
  Windows Live ID
Correct Answer
C. OpenID

Explanation
OpenID is a decentralized open source FIM (Federated Identity Management) that allows users to log in to multiple websites using a single set of credentials. Unlike other options listed, OpenID does not require any specific software to be installed on the desktop. This makes it convenient for users as they can access their accounts from any device with an internet connection without the need for additional installations.

Rate this question:
32.

Which of the following human characteristics cannot be used for biometric identification?
- A.
  
  Face
- B.
  
  Weight
- C.
  
  Fingerprint
- D.
  
  Retina
Correct Answer
B. Weight

Explanation
Weight cannot be used for biometric identification because it is not a unique and consistent characteristic that can reliably distinguish individuals. Unlike face, fingerprint, and retina, weight can change over time due to various factors such as diet, exercise, and health conditions. Therefore, it is not a suitable biometric trait for identification purposes.

Rate this question:
33.

_____ biometrics is related to the perception, thought processes, and understanding of the user.
- A.
  
  Standard
- B.
  
  Intelligent
- C.
  
  Behavioral
- D.
  
  Cognitive
Correct Answer
D. Cognitive

Explanation
Cognitive biometrics refers to the use of biometric data related to the user's perception, thought processes, and understanding. It involves analyzing and measuring cognitive functions such as attention, memory, and problem-solving abilities. This type of biometrics focuses on understanding how the user thinks and processes information, rather than physical characteristics like fingerprints or facial features. By studying cognitive biometrics, systems can gain insights into the user's mental state and tailor experiences accordingly.

Rate this question:
34.

Using one authentication credential to access multiple accounts or applications is known as _______.
- A.
  
  Credentialization
- B.
  
  Identification authentication
- C.
  
  Single sign-on
- D.
  
  Federal login
Correct Answer
C. Single sign-on

Explanation
Single sign-on refers to the practice of using one set of authentication credentials (such as username and password) to access multiple accounts or applications. This eliminates the need for users to remember multiple login credentials and simplifies the authentication process. With single sign-on, users can authenticate once and gain access to multiple systems or applications without the need to re-enter their credentials.

Rate this question:
35.

A disadvantage of biometric readers is _______.
- A.
  
  Speed
- B.
  
  Size
- C.
  
  Cost
- D.
  
  Standards
Correct Answer
C. Cost

Explanation
Biometric readers have the disadvantage of being costly. This means that implementing and maintaining these readers can be expensive for individuals or organizations. The cost includes not only the initial purchase of the biometric reader but also any additional expenses for installation, training, and regular maintenance. This can make it difficult for some individuals or organizations to afford and adopt biometric readers, limiting their accessibility and usage.

Rate this question:
36.

Which single sign-on (SSO) technology depends upon tokens?
- A.
  
  OAuth
- B.
  
  CardSpace
- C.
  
  OpenID
- D.
  
  All SSO technologies use tokens.
Correct Answer
A. OAuth

Explanation
OAuth is the correct answer because it is an SSO technology that relies on tokens. When a user tries to access a resource from a service provider, OAuth allows them to authenticate with their credentials from an identity provider. The identity provider then issues a token to the user, which can be used to access the requested resource without having to provide credentials again. This token acts as proof of authentication and authorization, allowing the user to access multiple services without sharing their credentials with each one.

Rate this question:
37.

Why should the account lockout threshold not be set too low?
- A.
  
  It could decrease calls to the help desk.
- B.
  
  Because the network administrator would then have to manually reset the account.
- C.
  
  So the user would not have to wait too long to have their password reset.
- D.
  
  It could result in denial of service (DoS) attacks.
Correct Answer
D. It could result in denial of service (DoS) attacks.

Explanation
Setting the account lockout threshold too low could result in denial of service (DoS) attacks. This is because if the threshold is set too low, even a small number of unsuccessful login attempts can trigger the account lockout, effectively denying access to legitimate users. Attackers can exploit this by intentionally attempting multiple incorrect logins, causing legitimate users to be locked out of their accounts. Therefore, it is important to set the threshold at an appropriate level to balance security and usability.

Rate this question:
38.

Which of the following is NOT a flaw in standard operating systems?
- A.
  
  Operating systems by default use the principle of least privilege.
- B.
  
  Operating systems are complex programs with millions of lines of code that make vulnerabilities extremely difficult to recognize.
- C.
  
  Operating systems do not isolate applications from each another so that one application that is compromised can impact the entire computer.
- D.
  
  Operating systems cannot create a trusted path between users and applications.
Correct Answer
A. Operating systems by default use the principle of least privilege.

Explanation
The principle of least privilege is actually a security feature in operating systems that restricts users and programs from accessing resources beyond what is necessary for them to perform their tasks. It helps to minimize the potential damage that can be caused by a compromised user or application. Therefore, it is not a flaw in standard operating systems.

Rate this question:
39.

An operating system that is designed to be secure by controlling critical parts of it to limit access from attackers and administrators is a _______.
- A.
  
  Secure OS
- B.
  
  Trustworthy OS
- C.
  
  Managed OS
- D.
  
  Trusted OS
Correct Answer
D. Trusted OS

Explanation
A trusted OS is an operating system that is designed with security measures in place to control critical parts of the system, limiting access from both attackers and administrators. This ensures that only authorized individuals are able to access and modify sensitive components, reducing the risk of unauthorized access or malicious activities. By being "trusted," the OS instills confidence in its ability to protect the system and maintain its integrity.

Rate this question:
40.

Which technique would prevent an attacker from China from logging into a user’s account at 4:00AM?
- A.
  
  Computer footprinting
- B.
  
  OpenAuthorization
- C.
  
  Cognitive biometrics
- D.
  
  Internet Throttling
Correct Answer
A. Computer footprinting

Explanation
Computer footprinting is the technique that would prevent an attacker from China from logging into a user's account at 4:00AM. Computer footprinting involves gathering information about a computer system, such as its IP address, operating system, and software, in order to identify and track potential attackers. By monitoring and analyzing the footprint left by the attacker's computer, security measures can be put in place to block unauthorized access attempts, including those from specific geographical locations like China.

Rate this question:
41.

What is data called that is to be encrypted by inputting into an encryption algorithm?
- A.
  
  Plaintext
- B.
  
  Cleartext
- C.
  
  Opentext
- D.
  
  Ciphertext
Correct Answer
A. Plaintext

Explanation
Plaintext refers to the data that is inputted into an encryption algorithm before it is encrypted. It is the original, readable form of the data that is to be protected. Once the encryption algorithm is applied, the plaintext is transformed into ciphertext, which is the encrypted form of the data.

Rate this question:
42.

Which of the following is not a basic security protection over information that cryptography can provide?
- A.
  
  Confidentiality
- B.
  
  Stop loss
- C.
  
  Integrity
- D.
  
  Authenticity
Correct Answer
B. Stop loss

Explanation
The given answer "Stop loss" is not a basic security protection that cryptography can provide. Cryptography primarily focuses on ensuring confidentiality by encrypting information, integrity by detecting any unauthorized modifications, and authenticity by verifying the identity of the sender or receiver. "Stop loss" is not directly related to these security protections and is more commonly associated with financial risk management.

Rate this question:
43.

The areas of a file in which steganography can hide data include all of the following except ______.
- A.
  
  In data that is used to describe the content or structure of the actual data
- B.
  
  In the directory structure of the file system
- C.
  
  In the file header fields that describe the file
- D.
  
  In areas that contain the content data itself
Correct Answer
B. In the directory structure of the file system

Explanation
Steganography can hide data in various areas of a file, such as the data used to describe the content or structure of the actual data, the file header fields that describe the file, and areas that contain the content data itself. However, it cannot hide data in the directory structure of the file system. This means that steganography techniques cannot be used to conceal information within the organization and hierarchy of files and folders within a file system.

Rate this question:
44.

Proving that a user sent an e-mail message is known as ______.
- A.
  
  Repudiation
- B.
  
  Integrity
- C.
  
  Non-repudiation
- D.
  
  Availability
Correct Answer
C. Non-repudiation

Explanation
Non-repudiation refers to the ability to prove that a user sent an email message and cannot deny having sent it. It ensures that the sender cannot later claim that they did not send the message, providing evidence of their involvement in the communication. This is typically achieved through the use of digital signatures or other cryptographic techniques that verify the authenticity and integrity of the message. Non-repudiation is an important aspect of security in electronic communication, as it helps establish trust and accountability between parties.

Rate this question:
45.

Symmetric cryptographic algorithms are also called ______.
- A.
  
  Private key cryptography
- B.
  
  Cipherkey cryptography
- C.
  
  Public/private key cryptography
- D.
  
  Public key cryptography
Correct Answer
A. Private key cryptography

Explanation
Symmetric cryptographic algorithms are also called private key cryptography because they use the same key for both encryption and decryption. In this type of cryptography, the sender and receiver both share the same secret key, which is used to encrypt the data at the sender's end and decrypt it at the receiver's end. Unlike public key cryptography, where different keys are used for encryption and decryption, private key cryptography offers faster processing speed but requires a secure way to exchange the shared key between the sender and receiver.

Rate this question:
46.

A(n) _____ is not decrypted but is only used for comparison purposes.
- A.
  
  Stream
- B.
  
  Hash
- C.
  
  Algorithm
- D.
  
  Key
Correct Answer
B. Hash

Explanation
A hash is not decrypted but is only used for comparison purposes. A hash function takes an input and produces a fixed-size string of characters, which is the hash value. It is a one-way function, meaning it cannot be reversed to obtain the original input. Hashes are commonly used in computer systems to verify the integrity of data or passwords by comparing the generated hash with a stored hash. Therefore, a hash is not decrypted but serves as a reference for comparison.

Rate this question:
47.

Each of the following is a characteristic of a secure hash algorithm except _______.
- A.
  
  Collisions should be rare
- B.
  
  The results of a hash function should not be reversed
- C.
  
  The hash should always be the same fixed size
- D.
  
  A message cannot be produced from a predefined hash
Correct Answer
A. Collisions should be rare

Explanation
A secure hash algorithm is designed to produce a unique hash value for each input, making it extremely unlikely for two different inputs to produce the same hash value (collisions). Therefore, the statement "collisions should be rare" is incorrect because in a secure hash algorithm, collisions should be practically impossible. The other characteristics mentioned in the question are all correct expectations of a secure hash algorithm.

Rate this question:
48.

Hashing would not be used in which of the following examples?
- A.
  
  Bank automatic teller machine (ATM)
- B.
  
  Encrypting and decrypting e-mail attachments
- C.
  
  Verifying a user password entered on a Linux system
- D.
  
  Determining the integrity of a message
Correct Answer
B. Encrypting and decrypting e-mail attachments

Explanation
Hashing would not be used in encrypting and decrypting e-mail attachments. Hashing is a one-way function that converts data into a fixed-size string of characters, which is used for verifying data integrity or comparing data. However, when encrypting and decrypting e-mail attachments, a different process is used, such as symmetric or asymmetric encryption algorithms, to ensure data confidentiality and privacy. Hashing is not suitable for this purpose as it does not provide the ability to retrieve the original data.

Rate this question:
49.

_____ encrypts a hash with a shared secret key.
- A.
  
  Key_hash
- B.
  
  WEP
- C.
  
  MDRIPE
- D.
  
  Hashed Message Authentication Code (HMAC)
Correct Answer
D. Hashed Message Authentication Code (HMAC)

Explanation
HMAC (Hashed Message Authentication Code) is a cryptographic algorithm that encrypts a hash with a shared secret key. It is commonly used for data integrity and authentication purposes in various protocols and systems. HMAC combines the input data with the secret key using a hash function to generate a unique hash value. This hash value can then be used to verify the integrity and authenticity of the data.

Rate this question:
50.

Which of the following is a protection provided by hashing?
- A.
  
  Authenticity
- B.
  
  Confidentiality
- C.
  
  Integrity
- D.
  
  Availability
Correct Answer
C. Integrity

Explanation
Hashing is a process that converts data into a fixed-size string of characters. It is commonly used to ensure the integrity of data. When data is hashed, any change in the data will result in a different hash value. By comparing the hash values before and after transmission or storage, one can verify if the data has been tampered with or not. Therefore, integrity is a protection provided by hashing.

Rate this question:

Institute Of Electrical And Electronics Engineers IEEE Quiz

A RADIUS authentication server requires that the _____ be authenticated first.authentication server.

Each of the following make up the AAA elements in network security except _______.

With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.

_____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.

The version of the X.500 standard that runs on a personal computer over TCP/IP is_____.

A user entering her user name would correspond to the _____ action in access control.

A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.

The individual who periodically reviews security settings and maintains records of access by users is called the _____.

In the _____ model, the end user cannot change any security settings.

Rule Based Access Control _____.

Separation of duties requires that _____.

_____ in access control means that if a condition is not explicitly met then access is to be rejected.

A(n) _____ is a set of permissions that is attached to an object.

_____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.

A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.

The least restrictive access control model is _____.

The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.

A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.

In the Mandatory Access Control (MAC) model, every subject and object _____.

A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.

Each of the following is a type of authentication credential except _______.

Which of the following is not a reason why users create weak passwords?

Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?

What is a hybrid attack?

Each of the following is a step in creating a strong password except _______.

A token code is valid _______.

A token system that requires the user to enter the code along with a PIN is called a _______.

A _____ is a U.S. Department of Defense (DoD) smart card that is used for identification for active-duty and reserve military personnel.

Keystroke dynamics is an example of _____ biometrics.

Creating a pattern of when and from where a user accesses a remote Web account is an example of ________.

_____ is a decentralized open source FIM that does not require specific software to be installed on the desktop.

Which of the following human characteristics cannot be used for biometric identification?

_____ biometrics is related to the perception, thought processes, and understanding of the user.

Using one authentication credential to access multiple accounts or applications is known as _______.

A disadvantage of biometric readers is _______.

Which single sign-on (SSO) technology depends upon tokens?

Why should the account lockout threshold not be set too low?

Which of the following is NOT a flaw in standard operating systems?

An operating system that is designed to be secure by controlling critical parts of it to limit access from attackers and administrators is a _______.

Which technique would prevent an attacker from China from logging into a user’s account at 4:00AM?

What is data called that is to be encrypted by inputting into an encryption algorithm?

Which of the following is not a basic security protection over information that cryptography can provide?

The areas of a file in which steganography can hide data include all of the following except ______.

Proving that a user sent an e-mail message is known as ______.

Symmetric cryptographic algorithms are also called ______.

A(n) _____ is not decrypted but is only used for comparison purposes.

Each of the following is a characteristic of a secure hash algorithm except _______.

Hashing would not be used in which of the following examples?

_____ encrypts a hash with a shared secret key.

Which of the following is a protection provided by hashing?