Shared Flashcard Set

Details

Exam 3 Info Sec
exam 3
33
Computer Networking
Undergraduate 4
11/12/2016


Cards

Term

What type of attack involves an attacker stealing a file containing password digests and comparing the stolen digests to digests created by the attacker?

 

 

offline cracking

 

online cracking

 

hash replay

 

token replay

Definition
offline cracking
Term

A RADIUS authentication server requires that the ________ be authenticated first.

 

 

user

 

authentication server

 

supplicant

 

authenticator

Definition
supplicant
Term

A(n) _________ is the person who is responsible for the information, determines the level of security needed for the data and delegates security duties as required.

 

 

owner

 

administrator

 

custodian

 

end-user

Definition
owner
Term
A RADIUS __________ is a computer that forwards RADIUS messages among RADIUS clients and RADIUS servers.
Definition
proxy
Term

The strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server.

 

 

 

Definition
false
Term

OpenID is an example of a web-based federated identity management (FIM) system.

 

 

 

Definition
true
Term

The Bell-LaPadula (BLP) model of MAC can be used to prevent subjects from creating a new object or performing specific functions on objects that are at a lower level than their own.

 

 

 

Definition
true
Term

During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?

 

 

accounting request

 

access request

 

verification request

 

authentication request

Definition
authentication request
Term

Which federated identity management (FIM) relies on token credentials?

 

 

OAuth

 

OpenID

 

Windows Live

 

Open Pass

Definition
OAuth
Term

What is the name for a predefined framework that can be used for controlling access and is embedded into software and hardware?

 

 

accounting and access model

 

user control model

 

access control model

 

authorization control model

Definition
access control model
Term

OpenID is an example of a web-based federated identity management (FIM) system.

 

 

 

Definition
true
Term

In the Mandatory Access Control (MAC) model, every subject and object ___________.

 

 

must be assigned a number

 

is restricted and cannot be accessed

 

is assigned a label

 

can be changed by the owner

Definition
is assigned a label
Term
A token __________ is a unique random string of characters that is encrypted to protect the token from being used by unauthorized parties.
Definition
identifier
Term

Group policy is a Unix feature that allows for the centralized management and configuration of computers and remote users using Unix Active Directory.

 

 

 

Definition
false
Term

Authorization and access are viewed as synonymous and in access control they are the same step.

 

 

 

Definition
false
Term

Entries within a Directory Information Base are arranged in a tree structure called the:

 

 

DAP

 

PEAP

 

EAP

 

DIT

Definition
DIT
Term

Which of the following is a decentralized open-source FIM that does not require specific software to be installed on the desktop?

 

   

OAuth

   

OpenID

   

Windows Live ID

   

OpenPass

Definition
OpenID
Term

The use of a single authentication credential that is shared across multiple networks is called:

 

 

Access management

 

Authorization management

 

Identity management

 

Risk management

Definition
Identity management
Term
The capability to look up information by name under the X.500 standard is known as a(n) _______ -pages service.
Definition
white
Term

What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?

 

 

OpenAuth

 

OAuth

 

SAML

 

Kerberos

Definition
OAuth
Term

A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is:

 

 

Common Access Card (CAC)

 

Identity Validation Card (IVC)

 

Credential Validation Card (CVC)

 

Personal Credential Card (PCC)

Definition

 

Common Access Card (CAC)

Term

Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.

 

 

 

Definition
True
Term

What authentication service commonly used on UNIX devices involves communicating user authentication information to a centralized server?

 

 

TACACS

 

RADIUS

 

Kerberos

 

FTP

Definition
TACACS
Term

With the development of IEEE 802.1x port security, the __________ authentication server has seen greater usage.

 

 

RADIUS

 

TACACS

 

Kerberos

 

SAML

Definition
RADIUS
Term

Which of the following is a set of permissions that is attached to an object?

 

 

access control list (ACL)

 

access control entry (ACE)

 

secure access entry (SAE)

 

network access control (NAC)

Definition

 

access control list (ACL)

Term
A(n) __________ attack begins with the attacker creating encrypted versions of common dictionary words and comparing them against those in a stolen password file.
Definition
dictionary
Term

Which of the following is the name given to an individual who periodically reviews security settings and maintains records of access by users?

 

 

supervisor

 

custodian

 

owner

 

manager

Definition
custodian
Term

A(n) _________ is the person who is responsible for the information, determines the level of security needed for the data and delegates security duties as required.

 

 

owner

 

administrator

 

custodian

 

end-user

Definition
owner
Term
___________ is granting or denying approval to use specific resources.
Definition
access control
Term

Which type of biometrics is based on the perception, thought process and understanding of the user?

 

 

Standard biometrics

 

Reactive biometrics

 

Cognitive biometrics

 

Affective biometrics

Definition

cognitive biometrics

 

Term
In the DAC model, __________ can create and access their objects freely.
Definition
owners
Term

A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as:

 

 

Separation of duties

 

Job rotation

 

Mandatory vacation

 

Role reversal

Definition

 

Separation of duties

 
Term

A user or process functioning on behalf of the user that attempts to access an object is known as the:

 

 

subject

 

reference monitor

 

entity

 

label

Definition
subject