SEC110_ Chapter 12

Your page rank:

Total word count: 685
Pages: 2

Calculate the Price

- -
275 words
Looking for Expert Opinion?
Let us have a look at your work and suggest how to improve it!
Get a Consultant

OpenID is an example of a web-based federated identity management (FIM) system.​

True

Passwords provide strong protection.

False

Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method.​

true

Using a rainbow table to crack a password requires three steps: Creation of the table, comparing the table to known hash values, and decrypting the password.

False

​What federated identity management (FIM) relies on token credentials?

OAuth

What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?

OAuth

​Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop:

OpenID

What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?

Brute force

Which term below describes the time it takes for a key to be pressed and then released?

dwell time

​What type of one-time password (OTP) changes after a set time period?

Time-based one-time password (TOTP)

What can be used to increase the strength of hashed passwords?​

salt

What kind of biometrics utilizes a person’s unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person’s face?

Standard biometrics

​Which hashing algorithm below is used with NTLMv2’s Hashed Message Authentication Code?

MD5

The use of a single authentication credential that is shared across multiple networks is called:

identity management

Passwords that are transmitted can be captured by what type of software?

protocol analyzer

A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:

a: password

​A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:

Common Access Card (CAC)

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters?

hybrid

What is the center of the weakness of passwords?

human memory

​A list of the available nonkeyboard characters can be seen in Windows by opening what utility?

charmap.exe

The use of one authentication credential to access multiple accounts or applications is referred to as?

Single Sign On

What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?

offline cracking

Which type of biometrics is based on the perception, thought process, and understanding of the user?

Cognitive biometrics

The use of what item below involves the creation of a large pregenerated data set of candidate digests?

Rainbow tables

Using one authentication credential to access multiple accounts or applications.​

Single Sign On

​Five elements that can prove the genuineness of a user: what you know, what you have, what you are, what you do, and where you are.

authentication factors

​A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication.

token

A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched against those in a stolen password file.​

brute force attack

A password hashing algorithm that requires significantly more time than standard hashing algorithms to create the digest.​

key stretching

A popular key stretching password hash algorithm​

bcrypt

​A random string that is used in hash algorithms.

salt

​A password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly mispelling words, or including special characters.

hybrid attack

​A hash used by modern Microsoft Windows operating systems for creating password digests.

NTLM (New Technology LAN Manager) hash

A password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file.​

dictionary attack

Share This
Flashcard

More flashcards like this

NCLEX 10000 Integumentary Disorders

When assessing a client with partial-thickness burns over 60% of the body, which finding should the nurse report immediately? a) ...

Read more

NCLEX 300-NEURO

A client with amyotrophic lateral sclerosis (ALS) tells the nurse, "Sometimes I feel so frustrated. I can’t do anything without ...

Read more

NASM Flashcards

Which of the following is the process of getting oxygen from the environment to the tissues of the body? Diffusion ...

Read more

Unfinished tasks keep piling up?

Let us complete them for you. Quickly and professionally.

Check Price

Successful message
sending