Week 3

Question 1

Name 3 Password Strategies

Answer 1

• User education
• Computer generated passwords
• Reactive password checking

Question 2

Name 3 ways that Proactive password checking can be implemented

Answer 2

1_ Rule enforcement
2_ Password checker
3_ Bloom filter

Question 3

Name 3 types of cards used as tokens

Answer 3

1- Embossed
2- Memory cards
3- Smart

Question 4

Give an example of what memory cards are used for

Answer 4

Hotel room

Question 5

Name 3 characteristics that are true of smart tokens

Answer 5

• Include an embedded microprocessor
• Contact and contact less interfaces
• Require some user interface

Question 6

Name 3 electronic functions for eID cards

Answer 6

• ePass
• eID
• eSign

Question 7

What is Password Authenticated Connection Establishment (PACE)?

Answer 7

Ensures that the contactless

RF chip in the eID card cannot be read without explicit access control.

Question 8

What is biometric authentication?

Answer 8

Attempts to authenticate based on physical characteristics

Question 9

Why is remote user authentication more complex?

Answer 9

More susceptible to eavesdropping or capturing a password.

Question 10

Name 3 authentication security issues

Answer 10

• Denial-of-service
• Eavesdropping
• Trojan Horse