Chapter 13 Flashcards

1
Q

What is a type 1 authentication factor?

A

something you know

2
Q

What is a type 2 authentication factor?

A

something you have - CAC

3
Q

What is a type 3 authentication factor?

A

something you are

4
Q

What does NIST recommend regarding password expiration dates?

A

NIST does not recommend password expiration policies.

5
Q

What does NIST recommend regarding special characters?

A

NIST does not recommend requiring special characters in passwords.

6
Q

NIST password length recommendations

A

between 8 and 64 characters

7
Q

What does PCI DSS recommend for password expiration?

A

Passwords should expire every 90 days

8
Q

PCI DSS password length minimum

A

7 characters

9
Q

tokens that are time based and generate a new PIN periodically

A

synchronous dynamic password tokens

10
Q

tokens that are generated based on an algorithm and an incrementing counter which increases each time the user authenticates

A

asynchronous dynamic password tokens

11
Q

Type I error is also known as the False ____ Rate

A

Rejection

12
Q

Type II error is also known as the False ___ Rate

A

Acceptance

13
Q

Is Type I or Type II error more dangerous regarding security?

A

Type II because it can grant access to an unauthorized user

14
Q

Should a device operate at the CER level?

A

No, you want the sensitivity higher than the CER rate to decrease the number of Type II errors

15
Q

the amount of time required to scan a biometric factor

A

enrollment time

16
Q

the amount of time required to approve or deny access based on biometrics

A

throughput rate

17
Q

Which protocol is used with certificate-based SSO and Microsoft AD systems?

A

LDAP

18
Q

an identity management system that links a user’s identity with multiple identity management systems

A

federated identity management (FIM)

19
Q

a solution that automatically creates a relationship between two entities so users can access resources without administrator intervention

A

JIT - Just-in-time provisioning

20
Q

the API developed by W3C which many web browsers have adopted for credential management

A

Credential Management Level 1 API