PROG-350 Review Questions Chapters 9-11

60 Questions | By MrsQ

- +

or Create Online Exam

Questions and Answers

1.

A RADIUS authentication server requires that the _____ be authenticated first.authentication server.
- A.
  
  Authentication server
- B.
  
  Supplicant
- C.
  
  Authenticator
- D.
  
  User
2.

Each of the following make up the AAA elements in network security except _______.
- A.
  
  Controlling access to network resources (authentication)
- B.
  
  Enforcing security policies (authorization)
- C.
  
  Determining user need (analyzing)
- D.
  
  Auditing usage (accounting)
3.

With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.
- A.
  
  RDAP
- B.
  
  DAP
- C.
  
  RADIUS
- D.
  
  AAA
4.

_____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
- A.
  
  IEEE 802.1x
- B.
  
  RADIUS
- C.
  
  Kerberos
- D.
  
  LDAP
5.

The version of the X.500 standard that runs on a personal computer over TCP/IP is_____.
- A.
  
  DAP
- B.
  
  LDAP
- C.
  
  IEEE X.501
- D.
  
  Lite RDAP
6.

A user entering her user name would correspond to the _____ action in access control.
- A.
  
  Authentication
- B.
  
  Identification
- C.
  
  Authorization
- D.
  
  Access
7.

A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.
- A.
  
  Object
- B.
  
  Subject
- C.
  
  Resource
- D.
  
  Operation check
8.

The individual who periodically reviews security settings and maintains records of access by users is called the _____.
- A.
  
  Supervisor
- B.
  
  Owner
- C.
  
  Custodian
- D.
  
  Manager
9.

In the _____ model, the end user cannot change any security settings.
- A.
  
  Discretionary Access Control
- B.
  
  Security Access Control
- C.
  
  Mandatory Access Control
- D.
  
  Restricted Access Control
10.

Rule Based Access Control _____.
- A.
  
  Is considered obsolete today
- B.
  
  Dynamically assigns roles to subjects based on rules
- C.
  
  Is considered a real-world approach by linking a user’s job function with security
- D.
  
  Requires that a custodian set all rules
11.

Separation of duties requires that _____.
- A.
  
  Processes should be divided between two or more individuals
- B.
  
  End users cannot set security for themselves
- C.
  
  Managers must monitor owners for security purposes
- D.
  
  Jobs be rotated among different individuals
12.

_____ in access control means that if a condition is not explicitly met then access is to be rejected.
- A.
  
  Denial of duties
- B.
  
  Implicit deny
- C.
  
  Explicit rejection
- D.
  
  Prevention control
13.

A(n) _____ is a set of permissions that is attached to an object.
- A.
  
  Access control list (ACL)
- B.
  
  Subject Access Entity (SAE)
- C.
  
  Object modifier
- D.
  
  Security entry designator
14.

_____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
- A.
  
  Windows Register Settings
- B.
  
  Group Policy
- C.
  
  Resource Allocation Entities
- D.
  
  AD Management Services (ADMS)
15.

A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
- A.
  
  SQL/LDAP insert attack
- B.
  
  Modified Trojan attack
- C.
  
  LDAP injection attack
- D.
  
  RBASE plug-in attack
16.

The least restrictive access control model is _____.
- A.
  
  Role Based Access Control (RBAC)
- B.
  
  Mandatory Access Control (MAC)
- C.
  
  Discretionary Access Control (DAC)
- D.
  
  Rule Based Access Control (RBAC)
17.

The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
- A.
  
  Enterprise Security
- B.
  
  Least privilege
- C.
  
  Deny all
- D.
  
  Mandatory Limitations
18.

A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
- A.
  
  Owner
- B.
  
  Custodian
- C.
  
  End user
- D.
  
  Administrator
19.

In the Mandatory Access Control (MAC) model, every subject and object _____.
- A.
  
  Is restricted and cannot be accessed
- B.
  
  Is assigned a label
- C.
  
  Can be changed by the owner
- D.
  
  Must be given a number from 200–900
20.

A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
- A.
  
  Orphaned
- B.
  
  Limbo
- C.
  
  Static
- D.
  
  Dormant
21.

Each of the following is a type of authentication credential except _______.
- A.
  
  What you have
- B.
  
  What you are
- C.
  
  What you discover
- D.
  
  What you know
22.

Which of the following is not a reason why users create weak passwords?
- A.
  
  A lengthy and complex password can be difficult to memorize.
- B.
  
  A security policy requires a password to be changed regularly.
- C.
  
  Having multiple passwords makes it hard to remember all of them.
- D.
  
  Most sites force users to create weak passwords although they do not want to.
23.

Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?
- A.
  
  Resetting
- B.
  
  Capturing
- C.
  
  Social engineering
- D.
  
  Online guessing
24.

What is a hybrid attack?
- A.
  
  An attack that combines a dictionary attack with an online guessing attack
- B.
  
  A brute force attack that uses special tables
- C.
  
  An attack that slightly alters dictionary words
- D.
  
  An attack that uses both automated and user input
25.

Each of the following is a step in creating a strong password except _______.
- A.
  
  Use a short password so the computer can process it more quickly
- B.
  
  Avoid using phonetic words
- C.
  
  Do not use sequences
- D.
  
  Do not use personal information
26.

A token code is valid _______.
- A.
  
  For as long as it appears on the device
- B.
  
  For up to 1 hour
- C.
  
  Only for the user who possesses the device
- D.
  
  If it is longer than 8 characters
27.

A token system that requires the user to enter the code along with a PIN is called a _______.
- A.
  
  Single-factor authentication system
- B.
  
  Dual-prong verification system
- C.
  
  Multi-factor authentication system
- D.
  
  Token-passing authentication system
28.

A _____ is a U.S. Department of Defense (DoD) smart card that is used for identification for active-duty and reserve military personnel.
- A.
  
  Personal Identity Verification (PIV) card
- B.
  
  Government Smart Card (GSC)
- C.
  
  Secure ID Card (SIDC)
- D.
  
  Common Access Card (CAC)
29.

Keystroke dynamics is an example of _____ biometrics.
- A.
  
  Resource
- B.
  
  Cognitive
- C.
  
  Adaptive
- D.
  
  Behavioral
30.

Creating a pattern of when and from where a user accesses a remote Web account is an example of ________.
- A.
  
  Time-Location Resource Monitoring (TLRM)
- B.
  
  Keystroke dynamics
- C.
  
  Cognitive biometrics
- D.
  
  Computer footprinting
31.

_____ is a decentralized open source FIM that does not require specific software to be installed on the desktop.
- A.
  
  SSO Login Resource (SSO-LR)
- B.
  
  Windows CardSpace
- C.
  
  OpenID
- D.
  
  Windows Live ID
32.

Which of the following human characteristics cannot be used for biometric identification?
- A.
  
  Face
- B.
  
  Weight
- C.
  
  Fingerprint
- D.
  
  Retina
33.

_____ biometrics is related to the perception, thought processes, and understanding of the user.
- A.
  
  Standard
- B.
  
  Intelligent
- C.
  
  Behavioral
- D.
  
  Cognitive
34.

Using one authentication credential to access multiple accounts or applications is known as _______.
- A.
  
  Credentialization
- B.
  
  Identification authentication
- C.
  
  Single sign-on
- D.
  
  Federal login
35.

A disadvantage of biometric readers is _______.
- A.
  
  Speed
- B.
  
  Size
- C.
  
  Cost
- D.
  
  Standards
36.

Which single sign-on (SSO) technology depends upon tokens?
- A.
  
  OAuth
- B.
  
  CardSpace
- C.
  
  OpenID
- D.
  
  All SSO technologies use tokens.
37.

Why should the account lockout threshold not be set too low?
- A.
  
  It could decrease calls to the help desk.
- B.
  
  Because the network administrator would then have to manually reset the account.
- C.
  
  So the user would not have to wait too long to have their password reset.
- D.
  
  It could result in denial of service (DoS) attacks.
38.

Which of the following is NOT a flaw in standard operating systems?
- A.
  
  Operating systems by default use the principle of least privilege.
- B.
  
  Operating systems are complex programs with millions of lines of code that make vulnerabilities extremely difficult to recognize.
- C.
  
  Operating systems do not isolate applications from each another so that one application that is compromised can impact the entire computer.
- D.
  
  Operating systems cannot create a trusted path between users and applications.
39.

An operating system that is designed to be secure by controlling critical parts of it to limit access from attackers and administrators is a _______.
- A.
  
  Secure OS
- B.
  
  Trustworthy OS
- C.
  
  Managed OS
- D.
  
  Trusted OS
40.

Which technique would prevent an attacker from China from logging into a user’s account at 4:00AM?
- A.
  
  Computer footprinting
- B.
  
  OpenAuthorization
- C.
  
  Cognitive biometrics
- D.
  
  Internet Throttling
41.

What is data called that is to be encrypted by inputting into an encryption algorithm?
- A.
  
  Plaintext
- B.
  
  Cleartext
- C.
  
  Opentext
- D.
  
  Ciphertext
42.

Which of the following is not a basic security protection over information that cryptography can provide?
- A.
  
  Confidentiality
- B.
  
  Stop loss
- C.
  
  Integrity
- D.
  
  Authenticity
43.

The areas of a file in which steganography can hide data include all of the following except ______.
- A.
  
  In data that is used to describe the content or structure of the actual data
- B.
  
  In the directory structure of the file system
- C.
  
  In the file header fields that describe the file
- D.
  
  In areas that contain the content data itself
44.

Proving that a user sent an e-mail message is known as ______.
- A.
  
  Repudiation
- B.
  
  Integrity
- C.
  
  Non-repudiation
- D.
  
  Availability
45.

Symmetric cryptographic algorithms are also called ______.
- A.
  
  Private key cryptography
- B.
  
  Cipherkey cryptography
- C.
  
  Public/private key cryptography
- D.
  
  Public key cryptography
46.

A(n) _____ is not decrypted but is only used for comparison purposes.
- A.
  
  Stream
- B.
  
  Hash
- C.
  
  Algorithm
- D.
  
  Key
47.

Each of the following is a characteristic of a secure hash algorithm except _______.
- A.
  
  Collisions should be rare
- B.
  
  The results of a hash function should not be reversed
- C.
  
  The hash should always be the same fixed size
- D.
  
  A message cannot be produced from a predefined hash
48.

Hashing would not be used in which of the following examples?
- A.
  
  Bank automatic teller machine (ATM)
- B.
  
  Encrypting and decrypting e-mail attachments
- C.
  
  Verifying a user password entered on a Linux system
- D.
  
  Determining the integrity of a message
49.

_____ encrypts a hash with a shared secret key.
- A.
  
  Key_hash
- B.
  
  WEP
- C.
  
  MDRIPE
- D.
  
  Hashed Message Authentication Code (HMAC)
50.

Which of the following is a protection provided by hashing?
- A.
  
  Authenticity
- B.
  
  Confidentiality
- C.
  
  Integrity
- D.
  
  Availability
51.

_____ is a hash that uses two different and independent parallel chains of computation, the result of which are then combined at the end of the process.
- A.
  
  DES
- B.
  
  AES
- C.
  
  RC4
- D.
  
  RIPEMD
52.

Which of the following is the strongest symmetric cryptographic algorithm?
- A.
  
  Advanced Encryption Standard
- B.
  
  Data Encryption Standard
- C.
  
  Triple Data Encryption Standard
- D.
  
  Rivest Cipher (RC)
53.

If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, the key he uses to encrypt the message is _______.
- A.
  
  Alice’s private key
- B.
  
  Alice’s public key
- C.
  
  Bob’s public key
- D.
  
  Bob’s private key
54.

A digital signature can provide each of the following benefits except ______.
- A.
  
  Prove the integrity of the message
- B.
  
  Verify the receiver
- C.
  
  Verify the sender
- D.
  
  Enforce non-repudiation
55.

Which of the following asymmetric cryptographic algorithms is the most secure?
- A.
  
  MEC-2
- B.
  
  RSA
- C.
  
  MD-17
- D.
  
  SHA-2
56.

Which of the following asymmetric encryption algorithms uses prime numbers?
- A.
  
  EFS
- B.
  
  Quantum computing
- C.
  
  ECC
- D.
  
  RSA
57.

_____ uses lattice-based cryptography and may be more resistant to quantum computing attacks.
- A.
  
  NTRUEncrypt
- B.
  
  ECC
- C.
  
  RC4
- D.
  
  SHA-512
58.

The Trusted Platform Module (TPM) _____.
- A.
  
  Allows the user to boot a corrupted disk and repair it
- B.
  
  Is only available on Windows computers running BitLocker
- C.
  
  Includes a pseudorandom number generator (PRNG)
- D.
  
  Provides cryptographic services in hardware instead of software
59.

Which of the following has an onboard key generator and key storage facility, accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?
- A.
  
  Trusted Platform Module (TPM)
- B.
  
  Self-encrypting hard disk drives (HDDs)
- C.
  
  Encrypted hardware-based USB devices
- D.
  
  Hardware Security Module (HSM)
60.

The Microsoft Windows LAN Manager hash ______.
- A.
  
  Is weaker than NTLMv2
- B.
  
  Is part of BitLocker
- C.
  
  Is required to be present when using TPM
- D.
  
  Is identical to MD-4

Back to top

Related Quizzes

Featured Quizzes