Institute Of Electrical And Electronics Engineers IEEE Quiz

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By MrsQ
M
MrsQ
Community Contributor
Quizzes Created: 5 | Total Attempts: 3,248
| Attempts: 809
SettingsSettings
Please wait...
  • 1/60 Questions

    Which of the following human characteristics cannot be used for biometric identification?

    • Face
    • Weight
    • Fingerprint
    • Retina
Please wait...
About This Quiz

This IEEE quiz evaluates knowledge on network security protocols and standards, including RADIUS, LDAP, and IEEE 802.1x. It tests understanding of AAA elements, Kerberos authentication, and the identification process in access control, essential for professionals in IT security.

Security Quizzes & Trivia

Quiz Preview

  • 2. 

    Each of the following is a step in creating a strong password except _______.

    • Use a short password so the computer can process it more quickly

    • Avoid using phonetic words

    • Do not use sequences

    • Do not use personal information

    Correct Answer
    A. Use a short password so the computer can process it more quickly
    Explanation
    The given answer is "use a short password so the computer can process it more quickly". This is because using a short password makes it easier for hackers to guess or crack the password. A strong password should be long and complex, including a combination of uppercase and lowercase letters, numbers, and special characters. This makes it more difficult for hackers to guess or use automated programs to crack the password.

    Rate this question:

  • 3. 

    A disadvantage of biometric readers is _______.

    • Speed

    • Size

    • Cost

    • Standards

    Correct Answer
    A. Cost
    Explanation
    Biometric readers have the disadvantage of being costly. This means that implementing and maintaining these readers can be expensive for individuals or organizations. The cost includes not only the initial purchase of the biometric reader but also any additional expenses for installation, training, and regular maintenance. This can make it difficult for some individuals or organizations to afford and adopt biometric readers, limiting their accessibility and usage.

    Rate this question:

  • 4. 

    With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.

    • RDAP

    • DAP

    • RADIUS

    • AAA

    Correct Answer
    A. RADIUS
    Explanation
    With the development of IEEE 802.1x port security, the authentication server RADIUS has seen even greater usage. RADIUS (Remote Authentication Dial-In User Service) is a widely used protocol that provides centralized authentication, authorization, and accounting management for users who connect and access network resources. As IEEE 802.1x port security has become more prevalent, the need for a robust and scalable authentication server like RADIUS has increased, making it the correct answer in this context.

    Rate this question:

  • 5. 

    Each of the following is a type of authentication credential except _______.

    • What you have

    • What you are

    • What you discover

    • What you know

    Correct Answer
    A. What you discover
    Explanation
    The given answer, "what you discover," is the correct answer because it does not fit the definition of an authentication credential. Authentication credentials are typically something that a person possesses or knows, such as a password, a smart card, or a fingerprint. "What you discover" does not fall into this category and therefore does not qualify as an authentication credential.

    Rate this question:

  • 6. 

    A(n) _____ is not decrypted but is only used for comparison purposes.

    • Stream

    • Hash

    • Algorithm

    • Key

    Correct Answer
    A. Hash
    Explanation
    A hash is not decrypted but is only used for comparison purposes. A hash function takes an input and produces a fixed-size string of characters, which is the hash value. It is a one-way function, meaning it cannot be reversed to obtain the original input. Hashes are commonly used in computer systems to verify the integrity of data or passwords by comparing the generated hash with a stored hash. Therefore, a hash is not decrypted but serves as a reference for comparison.

    Rate this question:

  • 7. 

    _____ encrypts a hash with a shared secret key.

    • Key_hash

    • WEP

    • MDRIPE

    • Hashed Message Authentication Code (HMAC)

    Correct Answer
    A. Hashed Message Authentication Code (HMAC)
    Explanation
    HMAC (Hashed Message Authentication Code) is a cryptographic algorithm that encrypts a hash with a shared secret key. It is commonly used for data integrity and authentication purposes in various protocols and systems. HMAC combines the input data with the secret key using a hash function to generate a unique hash value. This hash value can then be used to verify the integrity and authenticity of the data.

    Rate this question:

  • 8. 

    Which of the following is not a basic security protection over information that cryptography can provide?

    • Confidentiality

    • Stop loss

    • Integrity

    • Authenticity

    Correct Answer
    A. Stop loss
    Explanation
    The given answer "Stop loss" is not a basic security protection that cryptography can provide. Cryptography primarily focuses on ensuring confidentiality by encrypting information, integrity by detecting any unauthorized modifications, and authenticity by verifying the identity of the sender or receiver. "Stop loss" is not directly related to these security protections and is more commonly associated with financial risk management.

    Rate this question:

  • 9. 

    Using one authentication credential to access multiple accounts or applications is known as _______.

    • Credentialization

    • Identification authentication

    • Single sign-on

    • Federal login

    Correct Answer
    A. Single sign-on
    Explanation
    Single sign-on refers to the practice of using one set of authentication credentials (such as username and password) to access multiple accounts or applications. This eliminates the need for users to remember multiple login credentials and simplifies the authentication process. With single sign-on, users can authenticate once and gain access to multiple systems or applications without the need to re-enter their credentials.

    Rate this question:

  • 10. 

    The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.

    • Enterprise Security

    • Least privilege

    • Deny all

    • Mandatory Limitations

    Correct Answer
    A. Least privilege
    Explanation
    The principle known as "least privilege" in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function. This principle ensures that users have access only to the resources and actions that are essential for their specific tasks, reducing the risk of unauthorized access or misuse of privileges. By limiting privileges to the minimum required, organizations can enhance security and mitigate the potential impact of a compromised user account.

    Rate this question:

  • 11. 

    A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.

    • Orphaned

    • Limbo

    • Static

    • Dormant

    Correct Answer
    A. Dormant
    Explanation
    A user account that has not been accessed for a lengthy period of time is called a dormant account. This term is used to describe an account that has been inactive and unused for an extended period. It implies that the account is currently not in use and may require reactivation or deletion.

    Rate this question:

  • 12. 

    Keystroke dynamics is an example of _____ biometrics.

    • Resource

    • Cognitive

    • Adaptive

    • Behavioral

    Correct Answer
    A. Behavioral
    Explanation
    Keystroke dynamics is an example of behavioral biometrics because it involves analyzing an individual's unique typing patterns and rhythms. It focuses on the behavioral aspect of how a person types, including factors such as typing speed, keystroke duration, and the intervals between keystrokes. By analyzing these behavioral patterns, keystroke dynamics can be used as a biometric authentication method to verify a person's identity.

    Rate this question:

  • 13. 

    Which of the following asymmetric cryptographic algorithms is the most secure?

    • MEC-2

    • RSA

    • MD-17

    • SHA-2

    Correct Answer
    A. RSA
    Explanation
    RSA is considered the most secure asymmetric cryptographic algorithm because of its strong security features and widespread adoption. It is based on the mathematical difficulty of factoring large prime numbers, making it resistant to attacks. RSA is widely used for secure communication, digital signatures, and encryption. MEC-2, MD-17, and SHA-2 are not asymmetric cryptographic algorithms and therefore not as secure as RSA.

    Rate this question:

  • 14. 

    Why should the account lockout threshold not be set too low?

    • It could decrease calls to the help desk.

    • Because the network administrator would then have to manually reset the account.

    • So the user would not have to wait too long to have their password reset.

    • It could result in denial of service (DoS) attacks.

    Correct Answer
    A. It could result in denial of service (DoS) attacks.
    Explanation
    Setting the account lockout threshold too low could result in denial of service (DoS) attacks. This is because if the threshold is set too low, even a small number of unsuccessful login attempts can trigger the account lockout, effectively denying access to legitimate users. Attackers can exploit this by intentionally attempting multiple incorrect logins, causing legitimate users to be locked out of their accounts. Therefore, it is important to set the threshold at an appropriate level to balance security and usability.

    Rate this question:

  • 15. 

    A(n) _____ is a set of permissions that is attached to an object.

    • Access control list (ACL)

    • Subject Access Entity (SAE)

    • Object modifier

    • Security entry designator

    Correct Answer
    A. Access control list (ACL)
    Explanation
    An access control list (ACL) is a set of permissions that is attached to an object. It specifies which users or groups are granted access to the object and what level of access they have. It is a commonly used method for controlling access to resources in computer systems and networks.

    Rate this question:

  • 16. 

    Which of the following asymmetric encryption algorithms uses prime numbers?

    • EFS

    • Quantum computing

    • ECC

    • RSA

    Correct Answer
    A. RSA
    Explanation
    RSA is an asymmetric encryption algorithm that uses prime numbers. It relies on the difficulty of factoring large composite numbers into their prime factors. The security of RSA encryption is based on the assumption that factoring large numbers is a computationally difficult problem. The algorithm uses the public key for encryption and the private key for decryption, making it suitable for secure communication and data transmission over untrusted networks.

    Rate this question:

  • 17. 

    A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.

    • SQL/LDAP insert attack

    • Modified Trojan attack

    • LDAP injection attack

    • RBASE plug-in attack

    Correct Answer
    A. LDAP injection attack
    Explanation
    An LDAP injection attack is a type of attack where an attacker constructs LDAP statements using user inputs to manipulate the database or retrieve unauthorized information. This type of attack can exploit vulnerabilities in the application's input validation mechanisms and can result in unauthorized access to sensitive data or modification of the database contents.

    Rate this question:

  • 18. 

    Which of the following is not a reason why users create weak passwords?

    • A lengthy and complex password can be difficult to memorize.

    • A security policy requires a password to be changed regularly.

    • Having multiple passwords makes it hard to remember all of them.

    • Most sites force users to create weak passwords although they do not want to.

    Correct Answer
    A. Most sites force users to create weak passwords although they do not want to.
    Explanation
    The given answer states that most sites force users to create weak passwords although they do not want to. This is not a reason why users create weak passwords. Users may create weak passwords for various reasons, such as finding it difficult to memorize a lengthy and complex password, having multiple passwords to remember, or being required to change passwords regularly due to a security policy.

    Rate this question:

  • 19. 

    _____ biometrics is related to the perception, thought processes, and understanding of the user.

    • Standard

    • Intelligent

    • Behavioral

    • Cognitive

    Correct Answer
    A. Cognitive
    Explanation
    Cognitive biometrics refers to the use of biometric data related to the user's perception, thought processes, and understanding. It involves analyzing and measuring cognitive functions such as attention, memory, and problem-solving abilities. This type of biometrics focuses on understanding how the user thinks and processes information, rather than physical characteristics like fingerprints or facial features. By studying cognitive biometrics, systems can gain insights into the user's mental state and tailor experiences accordingly.

    Rate this question:

  • 20. 

    Which technique would prevent an attacker from China from logging into a user’s account at 4:00AM?

    • Computer footprinting

    • OpenAuthorization

    • Cognitive biometrics

    • Internet Throttling

    Correct Answer
    A. Computer footprinting
    Explanation
    Computer footprinting is the technique that would prevent an attacker from China from logging into a user's account at 4:00AM. Computer footprinting involves gathering information about a computer system, such as its IP address, operating system, and software, in order to identify and track potential attackers. By monitoring and analyzing the footprint left by the attacker's computer, security measures can be put in place to block unauthorized access attempts, including those from specific geographical locations like China.

    Rate this question:

  • 21. 

    The Trusted Platform Module (TPM) _____.

    • Allows the user to boot a corrupted disk and repair it

    • Is only available on Windows computers running BitLocker

    • Includes a pseudorandom number generator (PRNG)

    • Provides cryptographic services in hardware instead of software

    Correct Answer
    A. Provides cryptographic services in hardware instead of software
    Explanation
    The Trusted Platform Module (TPM) provides cryptographic services in hardware instead of software. This means that the TPM has its own dedicated hardware chip that performs cryptographic operations, such as encryption and decryption, rather than relying on software-based implementations. This hardware-based approach offers enhanced security as it is more resistant to attacks and tampering compared to software-based solutions.

    Rate this question:

  • 22. 

    Each of the following make up the AAA elements in network security except _______.

    • Controlling access to network resources (authentication)

    • Enforcing security policies (authorization)

    • Determining user need (analyzing)

    • Auditing usage (accounting)

    Correct Answer
    A. Determining user need (analyzing)
    Explanation
    The AAA elements in network security refer to authentication, authorization, and accounting. These elements are crucial for ensuring the security of network resources. Authentication involves controlling access to network resources by verifying the identity of users. Authorization is the process of enforcing security policies and determining what actions users are allowed to perform. Accounting involves auditing usage and keeping track of user activities. However, determining user need (analyzing) is not a part of the AAA elements in network security. This means that it is not directly related to the process of authentication, authorization, and accounting in network security.

    Rate this question:

  • 23. 

    _____ in access control means that if a condition is not explicitly met then access is to be rejected.

    • Denial of duties

    • Implicit deny

    • Explicit rejection

    • Prevention control

    Correct Answer
    A. Implicit deny
    Explanation
    Implicit deny in access control means that if a condition is not explicitly met, access is to be rejected. This means that unless a user is specifically granted access to a resource, they are automatically denied access by default. Implicit deny acts as a safeguard, ensuring that only authorized individuals are granted access to sensitive information or resources.

    Rate this question:

  • 24. 

    A digital signature can provide each of the following benefits except ______.

    • Prove the integrity of the message

    • Verify the receiver

    • Verify the sender

    • Enforce non-repudiation

    Correct Answer
    A. Verify the receiver
    Explanation
    A digital signature is a cryptographic technique used to verify the authenticity and integrity of a message. It ensures that the message has not been tampered with during transmission and can be trusted. It also verifies the identity of the sender, providing non-repudiation, meaning the sender cannot deny sending the message. However, it does not have the capability to verify the receiver's identity or authenticity. Therefore, the correct answer is "verify the receiver."

    Rate this question:

  • 25. 

    The Microsoft Windows LAN Manager hash ______.

    • Is weaker than NTLMv2

    • Is part of BitLocker

    • Is required to be present when using TPM

    • Is identical to MD-4

    Correct Answer
    A. Is weaker than NTLMv2
    Explanation
    The Microsoft Windows LAN Manager hash is weaker than NTLMv2. This is because the LAN Manager hash is an older and less secure password hashing algorithm used by Microsoft Windows operating systems. NTLMv2, on the other hand, is an improved and more secure version of the NTLM authentication protocol, providing stronger protection against password cracking and other security threats.

    Rate this question:

  • 26. 

    The least restrictive access control model is _____.

    • Role Based Access Control (RBAC)

    • Mandatory Access Control (MAC)

    • Discretionary Access Control (DAC)

    • Rule Based Access Control (RBAC)

    Correct Answer
    A. Discretionary Access Control (DAC)
    Explanation
    Discretionary Access Control (DAC) is the least restrictive access control model because it allows the owner of a resource to determine who can access it and what actions they can perform on it. In DAC, access control decisions are based on the identity and privileges of individual users or groups. This model provides flexibility and user autonomy, as it allows users to grant or revoke access to their resources. In contrast, Mandatory Access Control (MAC) and Rule Based Access Control (RBAC) are more restrictive, as access decisions are based on predefined rules and policies, while RBAC is a more advanced model that assigns access based on roles.

    Rate this question:

  • 27. 

    The individual who periodically reviews security settings and maintains records of access by users is called the _____.

    • Supervisor

    • Owner

    • Custodian

    • Manager

    Correct Answer
    A. Custodian
    Explanation
    A custodian is responsible for periodically reviewing security settings and maintaining records of access by users. They ensure that the appropriate security measures are in place and monitor user activity to ensure compliance with security protocols. The custodian plays a crucial role in maintaining the integrity and confidentiality of the system by regularly reviewing and updating security settings and keeping accurate records of user access.

    Rate this question:

  • 28. 

    A token code is valid _______.

    • For as long as it appears on the device

    • For up to 1 hour

    • Only for the user who possesses the device

    • If it is longer than 8 characters

    Correct Answer
    A. For as long as it appears on the device
    Explanation
    The correct answer is "for as long as it appears on the device." This means that the token code remains valid as long as it is visible or displayed on the device. Once it is no longer visible, it is no longer considered valid.

    Rate this question:

  • 29. 

    Creating a pattern of when and from where a user accesses a remote Web account is an example of ________.

    • Time-Location Resource Monitoring (TLRM)

    • Keystroke dynamics

    • Cognitive biometrics

    • Computer footprinting

    Correct Answer
    A. Computer footprinting
    Explanation
    Computer footprinting refers to the process of tracking and recording the activities and behaviors of a user on a computer or network. In this scenario, creating a pattern of when and from where a user accesses a remote Web account involves monitoring and recording the user's login times and locations. This information can be used to establish a unique footprint for the user, which can be helpful for security purposes, such as detecting any suspicious or unauthorized access attempts.

    Rate this question:

  • 30. 

    Which of the following is a protection provided by hashing?

    • Authenticity

    • Confidentiality

    • Integrity

    • Availability

    Correct Answer
    A. Integrity
    Explanation
    Hashing is a process that converts data into a fixed-size string of characters. It is commonly used to ensure the integrity of data. When data is hashed, any change in the data will result in a different hash value. By comparing the hash values before and after transmission or storage, one can verify if the data has been tampered with or not. Therefore, integrity is a protection provided by hashing.

    Rate this question:

  • 31. 

    Rule Based Access Control _____.

    • Is considered obsolete today

    • Dynamically assigns roles to subjects based on rules

    • Is considered a real-world approach by linking a user’s job function with security

    • Requires that a custodian set all rules

    Correct Answer
    A. Dynamically assigns roles to subjects based on rules
    Explanation
    Rule Based Access Control (RBAC) is a method of access control that dynamically assigns roles to subjects based on rules. This means that instead of manually assigning permissions to individual users, RBAC automatically assigns roles to users based on their job function or other criteria. This approach is considered efficient and scalable, as it allows for easy management of access control in large organizations with numerous users and complex permissions requirements. It is a widely used and effective approach in today's security systems.

    Rate this question:

  • 32. 

    Separation of duties requires that _____.

    • Processes should be divided between two or more individuals

    • End users cannot set security for themselves

    • Managers must monitor owners for security purposes

    • Jobs be rotated among different individuals

    Correct Answer
    A. Processes should be divided between two or more individuals
    Explanation
    Separation of duties is a principle that ensures that no single individual has complete control over a process or system. By dividing processes between two or more individuals, it helps to prevent fraud, errors, and abuse of power. This ensures that there is a system of checks and balances in place, as different individuals are responsible for different aspects of a process. This helps to increase accountability and reduce the risk of unauthorized actions or mistakes.

    Rate this question:

  • 33. 

    A token system that requires the user to enter the code along with a PIN is called a _______.

    • Single-factor authentication system

    • Dual-prong verification system

    • Multi-factor authentication system

    • Token-passing authentication system

    Correct Answer
    A. Multi-factor authentication system
    Explanation
    A token system that requires the user to enter the code along with a PIN is called a multi-factor authentication system. This is because it combines two factors, something the user knows (the PIN) and something the user has (the token code), to verify the user's identity. By requiring multiple factors, it adds an extra layer of security compared to single-factor authentication systems.

    Rate this question:

  • 34. 

    _____ uses lattice-based cryptography and may be more resistant to quantum computing attacks.

    • NTRUEncrypt

    • ECC

    • RC4

    • SHA-512

    Correct Answer
    A. NTRUEncrypt
    Explanation
    NTRUEncrypt uses lattice-based cryptography, which is believed to be more resistant to attacks from quantum computers. Quantum computers have the potential to break traditional public-key encryption algorithms like ECC and RSA, but lattice-based cryptography, such as NTRUEncrypt, offers a promising alternative that is thought to be more secure against quantum computing attacks. Therefore, NTRUEncrypt is the correct answer as it aligns with the given explanation.

    Rate this question:

  • 35. 

    Which single sign-on (SSO) technology depends upon tokens?

    • OAuth

    • CardSpace

    • OpenID

    • All SSO technologies use tokens.

    Correct Answer
    A. OAuth
    Explanation
    OAuth is the correct answer because it is an SSO technology that relies on tokens. When a user tries to access a resource from a service provider, OAuth allows them to authenticate with their credentials from an identity provider. The identity provider then issues a token to the user, which can be used to access the requested resource without having to provide credentials again. This token acts as proof of authentication and authorization, allowing the user to access multiple services without sharing their credentials with each one.

    Rate this question:

  • 36. 

    _____ is a hash that uses two different and independent parallel chains of computation, the result of which are then combined at the end of the process.

    • DES

    • AES

    • RC4

    • RIPEMD

    Correct Answer
    A. RIPEMD
    Explanation
    RIPEMD is a hash function that utilizes two separate and independent parallel chains of computation. These chains process the input data separately and generate intermediate hash values. At the end of the process, the intermediate hash values from both chains are combined to produce the final hash value. This approach increases the security and robustness of the hash function, making it resistant to attacks and collisions.

    Rate this question:

  • 37. 

    The version of the X.500 standard that runs on a personal computer over TCP/IP is_____.

    • DAP

    • LDAP

    • IEEE X.501

    • Lite RDAP

    Correct Answer
    A. LDAP
    Explanation
    LDAP stands for Lightweight Directory Access Protocol. It is the version of the X.500 standard that runs on a personal computer over TCP/IP. LDAP is a protocol used to access and manage directory information services. It provides a lightweight and efficient way to query and modify directory data, making it suitable for use on personal computers.

    Rate this question:

  • 38. 

    A user entering her user name would correspond to the _____ action in access control.

    • Authentication

    • Identification

    • Authorization

    • Access

    Correct Answer
    A. Identification
    Explanation
    When a user enters her username, it corresponds to the identification action in access control. Identification is the process of verifying the identity of a user by providing a unique identifier, such as a username. This step is important in access control as it allows the system to recognize and differentiate between different users. Once the user is identified, further actions such as authentication and authorization can take place to determine the user's privileges and access rights.

    Rate this question:

  • 39. 

    Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?

    • Resetting

    • Capturing

    • Social engineering

    • Online guessing

    Correct Answer
    A. Resetting
    Explanation
    Resetting passwords typically requires physical access to the computer or device in order to perform the necessary actions to reset the password. This could involve inserting a USB flash drive or using other physical means to gain access to the system. Therefore, the correct answer is "Resetting".

    Rate this question:

  • 40. 

    _____ is a decentralized open source FIM that does not require specific software to be installed on the desktop.

    • SSO Login Resource (SSO-LR)

    • Windows CardSpace

    • OpenID

    • Windows Live ID

    Correct Answer
    A. OpenID
    Explanation
    OpenID is a decentralized open source FIM (Federated Identity Management) that allows users to log in to multiple websites using a single set of credentials. Unlike other options listed, OpenID does not require any specific software to be installed on the desktop. This makes it convenient for users as they can access their accounts from any device with an internet connection without the need for additional installations.

    Rate this question:

  • 41. 

    A RADIUS authentication server requires that the _____ be authenticated first.authentication server.

    • Authentication server

    • Supplicant

    • Authenticator

    • User

    Correct Answer
    A. Supplicant
    Explanation
    A RADIUS authentication server requires that the supplicant be authenticated first. The supplicant refers to the client device or user that is attempting to gain access to the network. Before the authentication server grants access, it verifies the identity of the supplicant to ensure that it is authorized to connect to the network. This is a common practice in network security to prevent unauthorized access and protect the integrity of the network.

    Rate this question:

  • 42. 

    In the _____ model, the end user cannot change any security settings.

    • Discretionary Access Control

    • Security Access Control

    • Mandatory Access Control

    • Restricted Access Control

    Correct Answer
    A. Mandatory Access Control
    Explanation
    Mandatory Access Control (MAC) is a model where the end user does not have the ability to change any security settings. In this model, access to resources is determined by the system administrator or security policy, rather than being discretionary. This ensures that the user cannot modify or override the security settings, providing a higher level of control and protection for sensitive information or resources.

    Rate this question:

  • 43. 

    _____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.

    • Windows Register Settings

    • Group Policy

    • Resource Allocation Entities

    • AD Management Services (ADMS)

    Correct Answer
    A. Group Policy
    Explanation
    Group Policy is a Microsoft Windows feature that allows centralized management and configuration of computers and remote users who are using Active Directory. It enables administrators to define and enforce settings and restrictions for users and computers within a network. With Group Policy, administrators can control various aspects such as security settings, software installation, desktop configurations, and more. This helps in maintaining consistency and security across the network by ensuring that all computers and users adhere to the defined policies.

    Rate this question:

  • 44. 

    In the Mandatory Access Control (MAC) model, every subject and object _____.

    • Is restricted and cannot be accessed

    • Is assigned a label

    • Can be changed by the owner

    • Must be given a number from 200–900

    Correct Answer
    A. Is assigned a label
    Explanation
    In the Mandatory Access Control (MAC) model, every subject and object is assigned a label. This label is used to determine the level of access or permissions that a subject has over an object. The label acts as a security mechanism, ensuring that only authorized subjects can access or modify objects based on their assigned labels.

    Rate this question:

  • 45. 

    An operating system that is designed to be secure by controlling critical parts of it to limit access from attackers and administrators is a _______.

    • Secure OS

    • Trustworthy OS

    • Managed OS

    • Trusted OS

    Correct Answer
    A. Trusted OS
    Explanation
    A trusted OS is an operating system that is designed with security measures in place to control critical parts of the system, limiting access from both attackers and administrators. This ensures that only authorized individuals are able to access and modify sensitive components, reducing the risk of unauthorized access or malicious activities. By being "trusted," the OS instills confidence in its ability to protect the system and maintain its integrity.

    Rate this question:

  • 46. 

    _____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.

    • IEEE 802.1x

    • RADIUS

    • Kerberos

    • LDAP

    Correct Answer
    A. Kerberos
    Explanation
    Kerberos is an authentication protocol that is available as a free download and can be run on various operating systems such as Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux. It provides secure authentication for client-server applications and ensures that only authorized users can access network resources.

    Rate this question:

  • 47. 

    What is data called that is to be encrypted by inputting into an encryption algorithm?

    • Plaintext

    • Cleartext

    • Opentext

    • Ciphertext

    Correct Answer
    A. Plaintext
    Explanation
    Plaintext refers to the data that is inputted into an encryption algorithm before it is encrypted. It is the original, readable form of the data that is to be protected. Once the encryption algorithm is applied, the plaintext is transformed into ciphertext, which is the encrypted form of the data.

    Rate this question:

  • 48. 

    Hashing would not be used in which of the following examples?

    • Bank automatic teller machine (ATM)

    • Encrypting and decrypting e-mail attachments

    • Verifying a user password entered on a Linux system

    • Determining the integrity of a message

    Correct Answer
    A. Encrypting and decrypting e-mail attachments
    Explanation
    Hashing would not be used in encrypting and decrypting e-mail attachments. Hashing is a one-way function that converts data into a fixed-size string of characters, which is used for verifying data integrity or comparing data. However, when encrypting and decrypting e-mail attachments, a different process is used, such as symmetric or asymmetric encryption algorithms, to ensure data confidentiality and privacy. Hashing is not suitable for this purpose as it does not provide the ability to retrieve the original data.

    Rate this question:

  • 49. 

    If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, the key he uses to encrypt the message is _______.

    • Alice’s private key

    • Alice’s public key

    • Bob’s public key

    • Bob’s private key

    Correct Answer
    A. Alice’s public key
    Explanation
    When Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, he needs to use Alice's public key to encrypt the message. This is because asymmetric cryptography uses a pair of keys - a public key for encryption and a private key for decryption. Alice's public key is meant to be shared with others, allowing them to encrypt messages that only Alice can decrypt using her private key. Therefore, Bob needs to use Alice's public key to ensure that only Alice can read the message.

    Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 10, 2012
    Quiz Created by
    MrsQ
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.