Q:
XML makes SAML platform-dependent.
Q:
The standard for sending security assertions is ________.
A) LDAP
B) XML
C) SAML
D) None of the above
Q:
The main standard used by firms to send security assertions to one another is LDAP.
Q:
A security assertion may contain ________.
A) authenticity information
B) attributes, such as spending limits for purchasers
C) Both A and B
D) Neither A nor B
Q:
A(n) ________ is a statement from Firm A that Firm B should accept as true if Firm B trusts Firm A.
A) certification
B) assertion
C) certificate
D) attribute
Q:
In federated identity management, firms ________.
A) query one another's identity management databases
B) send assertions to one another
C) Both A and B
D) Neither A nor B
Q:
In federated identity management, firms do not query one another's identity management databases.
Q:
________ servers synchronize directory servers from different vendors.
A) Synchronization
B) LDAP
C) Metadirectory
D) Central authentication
Q:
Directory servers from different vendors are synchronized through ________.
A) LDAP
B) central authentication servers
C) AD servers
D) None of the above
Q:
If Directory Server A trusts Directory Server B and Directory Server B trusts Directory Server A, this is ________ trust.
A) Mutual
B) One-way
C) Transitive
D) Intransitive
Q:
If Directory Server A trusts Directory Server B, Directory Server B trusts Directory Server C, and Directory Server A trusts Directory Server C, this is ________ trust.
A) Mutual
B) One-way
C) Transitive
D) Intransitive
Q:
If Directory Server A trusts Directory Server B and Directory Server B trusts Directory Server C then Directory Server A MUST trust Directory Server C.
Q:
Replication between a domain controller in a child domain and a domain controller in its parent domain is ________.
A) total
B) partial
C) nonexistent
D) intransitive
Q:
Microsoft domains can be organized into trees, and trees can be organized into forests.
Q:
A Microsoft domain can have multiple domain controllers.
Q:
In Active Directory, a domain controller contains ________.
A) a RADIUS authentication server program
B) an Active Directory database
C) Both A and B
D) Neither A nor B
Q:
Microsoft's directory server product is ________.
A) Kerberos
B) Active Directory
C) LDAP
D) MS Directory
Q:
________ often get their authentication information from ________.
A) Directory servers, central authentication servers
B) Central authentication servers, metadirectory servers
C) Central authentication servers, directory servers
D) Metadirectory servers, central authentication servers
Q:
LDAP can be used ________.
A) to update information in the directory server
B) to retrieve data from the directory server
C) Both A and B
D) Neither A nor B
Q:
Directory servers can hold information about ________.
A) people
B) computers
C) Both A and B
D) Neither A nor B
Q:
In directory servers, ________.
A) there can only be one O in a directory server
B) there can only be one OU in a directory server
C) Both A and B
D) Neither A nor B
Q:
In directory servers, information is organized ________.
A) hierarchically
B) rhizomatically
C) relationally
D) None of the above
Q:
In Kerberos, the verifier is explicitly notified that the supplicant has been authenticated.
Q:
In Kerberos, the Kerberos server sends the Service Ticket directly to the supplicant rather than directly to the verifier.
Q:
The ________ gives the verifier a symmetric session key.
A) ticket-granting ticket
B) service ticket
C) Both A and B
D) Neither A nor B
Q:
In Kerberos, the ________ is sent from the Kerberos server to the verifier.
A) ticket granting ticket
B) service ticket
C) Both A and B
D) Neither A nor B
Q:
In Kerberos, the ________ is sent from the Kerberos server to the supplicant.
A) ticket granting ticket
B) service ticket
C) Both A and B
D) Neither A nor B
Q:
In Kerberos, the ________ is an encrypted session key that only the verifier can decrypt.
A) ticket granting ticket
B) service ticket
C) Both A and B
D) Neither A nor B
Q:
In Kerberos, the ________ is the supplicant's proof that it has already authenticated itself with the Kerberos Server.
A) ticket granting ticket
B) service ticket
C) Both A and B
D) Neither A nor B
Q:
Which of the following is not one of the devices in RADIUS central authentication?
A) The supplicant
B) The verifier
C) The authenticator
D) The RADIUS central authentication server
Q:
Which of the following statements is true about log files?
A) Log files should be read regularly.
B) External auditing should be conducted periodically.
C) Automatic alerts should be established.
D) All of the above
Q:
________ record(s) and analyzes what a person or program actually did.
A) Authentication
B) Authorizations
C) Auditing
D) All of the above
Q:
If a firewall lacks the processing power to handle incoming traffic, it will drop any packets it cannot process. This is ________.
A) a security failure
B) failing safely
C) Both A and B
D) Neither A nor B
Q:
When assigning initial permissions, it is good to give the least permissions believed to be necessary and then add permissions if appropriate.
Q:
When assigning initial permissions, it is good to add more permissions than strictly necessary and then remove permissions if appropriate.
Q:
The principle of ________ states that each person should only get the permissions that he or she absolutely needs to do his or her job.
A) appropriate authorizations
B) least permissions
C) minimization
D) All of the above.
Q:
Authorizations are also called ________.
A) permissions
B) verifications
C) Both A and B
D) Neither A nor B
Q:
Giving a user permissions to use a certain resource is ________.
A) authentication
B) authorization
C) Both A and B
D) Neither A nor B
Q:
The ________ authentication problem is that unless individuals are carefully vetted before being allowed in a system, imposters can simply enroll through social engineering.
A) core
B) prime
C) final
D) human
Q:
In the context of PKI, ________ is the process of accepting public keys and providing new digital certificates to the users.
A) provisioning
B) reflection
C) coordination
D) certification
Q:
CAs distribute public keys ________.
A) in digital certificates
B) only in ways using encryption for confidentiality
C) Both A and B
D) Neither A nor B
Q:
A private key/public key pair is usually created by the ________.
A) client
B) PKI server
C) Both A and B
D) Neither A nor B
Q:
A firm can be its own certificate authority for internal users.
Q:
Biometric authentication is the strongest form of authentication.
Q:
The strongest form of authentication is ________.
A) biometrics
B) cryptographic authentication
C) reusable passwords
D) smart cards
Q:
The most widely used form of biometrics is ________.
A) retinal scanning
B) iris scanning
C) fingerprint scanning
D) face recognition
Q:
Hand geometry recognition is used heavily for ________.
A) PC access
B) watch list access
C) door access
D) server access
Q:
Iris scanning usually is done surreptitiously.
Q:
Iris recognition technology is ________ and ________.
A) expensive, has low FARs
B) expensive, has high FARs
C) inexpensive, has low FARs
D) inexpensive, has high FARs
Q:
Which of the following statements accurately describes iris recognition?
A) Iris recognition has high FARs.
B) Iris recognition technology is expensive.
C) Iris recognition scans the eye with lasers.
D) All of the above
Q:
Fingerprint recognition should be used as a security measure for access to ________.
A) a non-essential supply cabinet
B) a notebook containing sensitive information
C) Both A and B
D) Neither A nor B
Q:
Fingerprint recognition is easily deceived.
Q:
Which of the following statements accurately describes fingerprint recognition?
A) Fingerprint recognition scanners are very expensive.
B) Fingerprint recognition is easily deceived.
C) Fingerprint recognition is rarely used.
D) All of the above
Q:
Because fingerprint scanning is often deceived, it should never be used as a security measure.
Q:
Fingerprint scanning, which is often deceived, may be acceptable for entry into a non-sensitive supplies cabinet.
Q:
When an attacker deliberately attempts to fool the system, this is called ________.
A) deception
B) a false acceptance
C) a false rejection
D) All of the above.
Q:
________ is a form of identification that identifies a person as being a member of a group.
A) RBAC
B) Watch list matching
C) Group ID matching
D) Group acceptance
Q:
Which is more likely to generate a false acceptance?
A) Verification
B) Identification
C) Both verification and identification are equally likely to generate a false acceptance.
D) None of the above
Q:
Identification requires more matches against templates than does verification.
Q:
Verification requires more matches against templates than does identification.
Q:
The verifier itself determines the identity of the supplicant in ________.
A) verification
B) identification
C) Both A and B
D) Neither A nor B
Q:
Verification is the process where the verifier determines the identity of the supplicant.
Q:
Identification is the process where the verifier determines whether the supplicant is the particular person that the supplicant claims to be.
Q:
For watch lists of criminals, a false acceptance is worse than a false rejection from a security viewpoint.
Q:
For watch lists of criminals, a false ________ means that an innocent person is identified as a criminal.
A) acceptance
B) rejection
C) Both A and B
D) Neither A nor B
Q:
From a security viewpoint, a false acceptance is always worse than a false rejection.
Q:
For computer access, a false ________ means that a legitimate user is denied access to a resource.
A) rejection
B) acceptance
C) Both A and B
D) Neither A nor B
Q:
A false acceptance occurs when a person is improperly matched to a template.
Q:
A false rejection occurs when a person is improperly matched to a template.
Q:
In biometrics, a match occurs when a ________ meets the decision criteria.
A) set of key features
B) match index
C) Both A and B
D) Neither A nor B
Q:
The template is based on ________ generated during the enrollment scan.
A) scan data
B) key features
C) Both A and B
D) Neither A nor B
Q:
During enrollment, the scanner sends ________ to the authentication system.
A) scan data
B) key features
C) Both A and B
D) Neither A nor B
Q:
The major promise of biometrics is to replace reusable passwords.
Q:
________ can be much shorter than ________.
A) PINs, passwords
B) Passwords, PINs
C) There is no general length difference between passwords and PINs.
D) None of the above
Q:
What was the first core wireless security standard?
A) 802.11i
B) WPA
C) WEP
D) None of the above
Q:
Which of the following measures offers strong security?
A) Turning off SSID broadcasting
B) MAC access control lists
C) Both A and B
D) Neither A nor B
Q:
Which of the following measures offers strong security?
A) Using spread spectrum transmission in 802.11
B) Turning off SSID broadcasting
C) WEP
D) None of the above
Q:
To use an access point, you must know its SSID.
Q:
Each network interface card (NIC) has a media access control address (MAC).
Q:
Each media access control (MAC) address has a network interface card (NIC).