Chapter 9 Physical Security and Authentication Models Review Flashcards
Which of the following is an example of two-factor authentication?
A. L2TP and IPsec
B. Username and password
C. Thumbprint and key card
D. Client and server
C. Thumbprint and key card
Two-factor authentication means that two pieces of identification are needed prior to authentication. A thumbprint and key card would fall into this category. L2TP and IPsec are protocols used to connect through a VPN, which by default require only a username and password.
Which of the following is the final step a user needs to take before that user can access domain resources?
A. Verification
B. Validation
C. Authorization
D. Authentication
C. Authorization
Before a user can gain access to domain resources, the final step is to be authorized to those resources. Previously the user should have provided identification to be authenticated.
To gain access to your network, users must provide a thumbprint and a user name and password. What type of authentication model is this?
A. Biometrics
B. Domain logon
C. Multifactor
D. Single sign-on
C. Multifactor
Multifactor authorization means that the user must provide two different types of identification. The thumbprint is an example of biometrics.
The IT director has asked you to set up an authentication model in which users can enter their credentials one time, yet still access multiple server resources. What type of authentication model should you implement?
A. Smart card and biometrics
B. Three-factor authentication
C. SSO
D. VPN
C. SSO
Single sign-on enables users to access multiple servers and multiple resources while entering their credentials only once.
Which port number does the protocol LDAP use when it is secured?
A. 389
B. 443
C. 636
D. 3389
C. 636
Port 636 is the port used to secure LDAP. Port 389 is used for standard LDAP. Port 443 is used for HTTPS (SSL/TLS), and port 3389 is used for Remote Desktop Protocol.
Which of the following results occurs when a biometric system identifies a legitimate user as unauthorized?
A. False rejection
B. False positive
C. False acceptance
D. False exception
A. False rejection
If a biometric system identifies a legitimate user as unauthorized, it is known as a false rejection or false negative.
Which authentication method completes the following in order: logon request, encrypts value response, server, challenge, compare encrypts results, and authorize or fail?
A. Security tokens
B. Certificates
C. Kerberos
D. CHAP
D. CHAP
The Challenge Handshake Authentication Protocol (CHAP) authenticates a user or a network host to entities like Internet access providers. CHAP periodically verifies the identity of the client by using a three-way handshake; the verification is based on a shared secret.
Of the following, which best describes the difference between RADIUS and TACACS+?
A. RADIUS is a remote access authentication service
B. RADIUS separates authentication, authorization, and auditing capabilities.
C. TACACS+ is a remote access authentication service
D. TACACS+ separates authentication, authorization and auditing capabilities.
D. TACACS+ separates authentication, authorization and auditing capabilities.
Which of the following is an authentication system that uses UDP as the transport mechanism?
A. LDAP
B. Kerberos
C. RADIUS
D. TACACS+
C. RADIUS
All others use TCP.
Your organization provides its employees with badges that are encoded with a private encryption key and specific personal information. The encoding is used to provide access to the organization’s network. What type of authentication method is being used?
A. Token
B. Biometrics
C. Kerberos
D. Smart Card
D. Smart Card