9

Question 1

A type of hierarchical database structure used in Windows Server environments that enables centralized management of users, devices and resources on a network is known as:

Answer 1

Active Directory (AD)

Question 2

An authentication subsystem in which a single set of authentication credentials provides access to multiple systems across different organizations is called:

Answer 2

Federation

Question 3

Which of the following answers describe the features of TOTP? (Select 3 answers)

TOTP - Time-based one-time password

Answer 3

• Based on a shared secret key and current time
• Not vulnerable to replay attacks
• Valid for only one login session

Question 4

Which of the following answers refer to the characteristics of HOTP? (Select 3 answers)

HOTP - HMAC-based one-time password is a one-time password algorithm based on HMAC

Answer 4

• Valid for only one login session
• Based on a cryptographic hash function and a secret cryptographic key
• Not vulnerable to replay attacks

Question 5

Which of the following are examples of hardware authentication tokens? (Select 3 answers)

Answer 5

• Key fob
• RFID badge
• Smart card

Question 6

Which of the following is an example of a soft authentication token?

Answer 6

Authenticator app

Question 7

Examples of static authentication methods include: (Select 2 answers)

Answer 7

User-generated password
Personal Identification Number (PIN)

Question 8

An authenticator application is a software that generates additional authentication token (in the form of a random code) used in multi-step verification process

Answer 8

True

Question 9

Which of the following does not have an application in the authentication process?

Answer 9

• One-time passwords
• SMS messages
• Hardware / Software tokens
• Static codes ( Your answer)
• Push notifications
• Phones
  All of the above can be used in the authentication process

Question 10

Which of the following answers refers to an example implementation of certificate-based authentication?

Answer 10

Smart card

Question 11

In computer security, the term “Biometrics” refers to physical characteristics of the human body that can be used for identification and access control purposes.

Answer 11

True

Question 12

Which of the following is not used in the process of biometric authentication?

Answer 12

• Fingerprint scan
• Voice recognition
• Vein analysis
• Retina / Iris scan
• Face recognition
• Gait analysis
  All of the above can be used in the biometric authentication process

Question 13

A measure of the likelihood that a biometric security system will incorrectly accept an access attempt by an unauthorized user is known as:

Answer 13

FAR (False Acceptance Rate)

Question 14

A measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user is referred to as:

Answer 14

FRR (False Rejection Rate)

Question 15

Which of the answers listed below refers to a type of metric used for evaluation of a biometric security system’s accuracy?

Answer 15

CER (Crossover Error Rate)

Question 16

Authentication process can be based on various categories of authentication factors and attributes. Authentication factors include unique physical traits of each individual such as fingerprints (“something you are”), physical tokens such as smart cards (“something you have”), or usernames and passwords (“something you know”). The categories of authentication attributes include geolocation (“somewhere you are”), user-specific activity patterns, such as keyboard typing style (“something you can do”), revealing something about an individual, e.g. wearing an ID badge (“something you exhibit”), or proving the relation with a trusted third party (“someone you know”). Multifactor authentication systems require implementation of authentication factors from two or more distinct categories.

Answer 16

True

Question 17

Which of the following fall into the category of MFA factors? (Select 3 answers)

Answer 17

• PIN
• USB token
• Retina scan

Question 18

Examples of MFA attributes include

Answer 18

• Handwritten signature
• Gait analysis
• GPS reading
• Chain of trust

Question 19

Which of the following examples meets the requirement of multifactor authentication?

Answer 19

Password and biometric scan

Question 20

Which part of the AAA security architecture deals with the verification of the identity of a person or process?

Answer 20

Authentication

Question 21

Which of the answers listed below refers to the process of granting or denying access to resources?

Answer 21

Authorization

Question 22

In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called

Answer 22

Accounting

Question 23

A dedicated data storage solution that combines multiple disk drive components into a single logical unit to increase volume size, performance, or reliability is referred to as:

Answer 23

Redundant Array of Independent Disks (RAID)

Question 24

Which of the following RAID levels does not offer fault tolerance?

Answer 24

RAID 0

Question 25

Hardware RAID Level 0: (Select all that apply)

Answer 25

• Requires a minimum of 2 drives to implement
• Is also known as disk striping
• Decreases reliability (failure of any disk in the array destroys the entire array)
• Is suitable for systems where performance has higher priority than fault tolerance