Term
| The OSI model breaks networking steps down into a series of six layers. |
|
Definition
|
|
Term
| Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts. |
|
Definition
|
|
Term
| A ____ is a network device that can forward packets across computer networks. |
|
Definition
|
|
Term
| Layer 5 of the OSI model is the ____ layer. |
|
Definition
|
|
Term
| ____ is typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP). |
|
Definition
|
|
Term
| ____ is a technique that allows private IP addresses to be used on the public Internet. |
|
Definition
|
|
Term
A(n) ____ can block malicious content in “real time” as it appears without first knowing the URL of a dangerous site.
|
|
Definition
|
|
Term
| The OSI model breaks networking steps down into a series of six layers. |
|
Definition
|
|
Term
| Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts. |
|
Definition
|
|
Term
| A ____ allows scattered users to be logically grouped together even though they may be attached to different switches. |
|
Definition
|
|
Term
| A ____ is a standard network device for connecting multiple Ethernet devices together by using twisted-pair copper or fiber-optic cables in order to make them function as a single network segment. |
|
Definition
|
|
Term
| ____ is a technology that can help to evenly distribute work across a network. |
|
Definition
|
|
Term
| ____ switches are connected directly to the devices on a network. |
|
Definition
|
|
Term
| In order to allow untrusted outside users access to resources such as Web servers, most networks employ a ____. |
|
Definition
|
|
Term
| ____ IP addresses are IP addresses that are not assigned to any specific user or organization. |
|
Definition
|
|
Term
| Workgroup switches must work faster than core switches. |
|
Definition
|
|
Term
| A basic level of security can be achieved through using the security features found in network hardware. |
|
Definition
|
|
Term
| Layer 3 of the OSI model is the ____ layer. |
|
Definition
|
|
Term
| Examining network traffic, activity, transactions, or behavior and looking for well-known patterns is known as ____-based monitoring |
|
Definition
|
|
Term
| ____ provides remote users with the same access and functionality as local users through a VPN or dial-up connection. |
|
Definition
|
|
Term
| Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive. |
|
Definition
|
|
Term
| A ____ is a computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user. |
|
Definition
|
|
Term
| IP addresses are ____-bit addresses. |
|
Definition
|
|
Term
| ___ keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions. |
|
Definition
|
|
Term
| A(n) ____ does not serve clients, but instead routes incoming requests to the correct server. |
|
Definition
|
|
Term
| Each operation in a computing environment starts with a ____. |
|
Definition
|
|
Term
| A(n) ____ encrypts all data that is transmitted between the remote device and the network. |
|
Definition
|
|
Term
| A(n) ____ is the end of the tunnel between VPN devices. |
|
Definition
|
|
Term
Used to classify standard network devices based on their function
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
A reference set of data against which operational data is compared
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
A software-based application that runs on a local host computer that can detect an attack as it occurs
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
Each outgoing packet is given a different IP address
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
Each packet is given the same IP address but a different TCP port number.
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
Functions as a separate network that rests outside the secure network perimeter
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
Allows an IP address to be split anywhere within its 32 bits
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
Segmenting a network by separating devices into logical groups
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
Refers to any combination of hardware and software that enables remote users to access a local internal network
a.OSI model
b.DMZ
c.VLAN
d.HIDS
e.Remote access
f.Subnet addressing
g.PAT
h.NAT
i.Baseline
|
|
Definition
|
|
Term
| In the ____ model, the cloud computing vendor provides access to the vendor’s software applications running on a cloud infrastructure. |
|
Definition
| Cloud Software as a Service |
|
|
Term
| ___ is a pay-per-use computing model in which customers pay only for the computing resources they need.Cloud computing |
|
Definition
|
|
Term
| Server virtualization typically relies on the ____, which is software that runs on a physical computer to manage one or more virtual machine operating systems. |
|
Definition
|
|
Term
| TCP/IP uses its own five-layer architecture that includes Network Interface, Internet, Control, Transport, and Application. |
|
Definition
|
|
Term
| IP is the protocol that functions primarily at the Open Systems Interconnection (OSI) ____. |
|
Definition
|
|
Term
| SNMP agents are protected with a password known as a(n) ____ in order to prevent unauthorized users from taking control over a device. |
|
Definition
|
|
Term
| __ is used to relay query messages. |
|
Definition
|
|
Term
| A ____ forwards packets across computer networks |
|
Definition
|
|
Term
| DNS poisoning can be prevented by using the latest editions of the DNS software known as ____. |
|
Definition
|
|
Term
| TCP is the main ____ protocol that is responsible for establishing connections and the reliable data transport between devices. |
|
Definition
|
|
Term
| Routers operate at the ____ Layer. |
|
Definition
|
|
Term
| ____ provides a greater degree of security by implementing port-based authentication. |
|
Definition
|
|
Term
IEEE 802.1x is commonly used on wireless networks.
|
|
Definition
|
|
Term
| ____ can be used to determine whether new IP addresses are attempting to probe the network. |
|
Definition
|
|
Term
| In the ____ cloud computing model, the customer has the highest level of control. |
|
Definition
| Cloud Infrastructure as a Service |
|
|
Term
| A ____ is a feature that controls a device’s tolerance for unanswered service requests and helps to prevent a DoS attack. |
|
Definition
|
|
Term
| IP telephony and Voice over IP (VoIP) are identical. |
|
Definition
|
|
Term
| The ____ is a database, organized as a hierarchy or tree, of the name of each site on the Internet and its corresponding IP number. |
|
Definition
|
|
Term
| Broadcast storms can be prevented with ____. |
|
Definition
|
|
Term
| Despite its promise to dramatically impact IT, cloud computing raises significant security concerns. |
|
Definition
|
|
Term
| ____ is a means of managing and presenting computer resources by function without regard to their physical layout or location. |
|
Definition
|
|
Term
| TCP is responsible for addressing packets and sending them on the correct route to the destination, while IP is responsible for reliable packet transmission. |
|
Definition
|
|
Term
| The most common protocol suite used today for local area networks (LANs) as well as the Internet is ____. |
|
Definition
|
|
Term
| It is possible to segment a network by physical devices grouped into logical units through a(n) ____. |
|
Definition
|
|
Term
| TCP port ____ is the FTP control port used for passing FTP commands. |
|
Definition
|
|
Term
| A ____ can create entries in a log for all queries that are received. |
|
Definition
|
|
Term
Used by devices to communicate updates or error information to other devices
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
An attacker can use ICMP messages as one of the first steps in reconnaissance to discover information about the hosts that are part of the network
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
Attackers can broadcast a ping request to all computers on the network but change the address from which the request came to that of the target
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
A malformed ping using ICMP is sent to the victim’s computer that exceeds the size of an IP packet
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
31
Functions by exchanging management information between networked devices
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
32
A TCP/IP protocol that resolves (maps) an IP address with its equivalent symbolic name
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
33
Substitutes addresses so that the computer is automatically redirected to another device
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
Can determine that a switch has multiple ways to communicate with a host and then determine the best path while blocking out other paths
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
Using a data-based OP network to add digital voice clients and new voice applications onto the IP network
a.IP telephony
b.Smurf DoS attack
c.Network discovery
d.Ping of Death
e.ICMP
f.STA
g.SNMP
h.DNS
i.DNS poisoning
|
|
Definition
|
|
Term
| ____ access points are serious threats to network security because they allow attackers to intercept the RF signal and bypass network security to attack the network or capture sensitive data. |
|
Definition
|
|
Term
| ___ is an attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers. |
|
Definition
|
|
Term
| Because antennas are generally positioned to provide the broadest area of coverage, APs should be located at the end of the coverage area. |
|
Definition
|
|
Term
| ___ is designed to detect any changes in a packet, whether accidental or intentional. |
|
Definition
|
|
Term
| Bluetooth devices are not backward compatible with previous versions. |
|
Definition
|
|
Term
| The SSID can generally be any alphanumeric string from 2 to ___ characters. |
|
Definition
|
|
Term
| A ____ access point is an unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks. |
|
Definition
|
|
Term
| The IEEE 802.15.1-2005 Wireless Personal Area Network standard was based on the ____ specifications. |
|
Definition
|
|
Term
| ____ is an attack that sends unsolicited messages to Bluetooth-enabled devices. |
|
Definition
|
|
Term
| Because PEAP can be vulnerable to specific types of attacks, Cisco now recommends that users migrate to a more secure EAP than PEAP. |
|
Definition
|
|
Term
| ___ is the encryption protocol standard for WPA2. |
|
Definition
|
|
Term
| ____ requires mutual authentication used for WLAN encryption using Cisco client software. |
|
Definition
|
|
Term
| A(n) ____ acts as the “base station” for the wireless network. |
|
Definition
|
|
Term
| EAP request packets are issued by the ____. |
|
Definition
|
|
Term
| When a device receives a beacon frame from an AP, the device then sends a frame known as a(n) ____ frame to the AP. |
|
Definition
|
|
Term
| An ____ is an AP that is set up by an attacker. |
|
Definition
|
|
Term
| ____ allow a single access point to service different types of users. |
|
Definition
|
|
Term
| Bluetooth is a ____ technology designed for data communication over short distances. |
|
Definition
|
|
Term
| Most Bluetooth devices use a Class 2 radio that has a range of ____ feet. |
|
Definition
|
|
Term
| APs use antennas that radiate a signal in all directions. |
|
Definition
|
|
Term
| A group of piconets in which connections exist between different piconets is called a ____. |
|
Definition
|
|
Term
| Slave devices that are connected to the piconet and are sending transmissions are known as ____ slaves. |
|
Definition
|
|
Term
| ____ is considered a more flexible EAP scheme because it creates an encrypted channel between the client and the authentication server. |
|
Definition
|
|
Term
| ___ is a framework for transporting authentication protocols instead of the authentication protocol itself. |
|
Definition
|
|
Term
| Because of the weaknesses of WEP, it is possible for an attacker to identify two packets derived from the same IV. |
|
Definition
|
|
Term
A wireless technology that uses short-range radio frequency (RF) transmissions and provides for rapid ad hoc device pairings
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
An AP set up by an attacker to mimic an authorized AP and capture transmissions
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
A 24-bit value used in WEP that changes each time a packet is encrypted
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
Searching for wireless signals from an automobile or on foot using a portable computing device
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
The process of documenting and then advertising the location of wireless LANs for others to use
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
The user-supplied network name of a WLAN
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
A WPA encryption technology
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
A proprietary EAP method developed by Cisco Systems
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
Designed to simplify the deployment of 802.1x by using Microsoft Windows logins and passwords
a.War chalking
b.Bluetooth
c.Protected EAP
d.War driving
e.Initialization
f.TKIP
g.Lightweight EAP
h.SSID
i.Evil twin
|
|
Definition
|
|
Term
| TACACS+ and RADIUS are designed to support hundreds of remote connections. |
|
Definition
|
|
Term
| ____ is often used for managing user access to one or more systems. |
|
Definition
| Rule Based Access Control |
|
|
Term
| The most restrictive access control model is ____. |
|
Definition
|
|
Term
| A computer user may be authorized or granted permission to log on to a system by presenting valid credentials, yet that authorization does not mean that the user can then access any and all resources. |
|
Definition
|
|
Term
| ____ is suitable for what are called “high-volume service control applications” such as dial-in access to a corporate network. |
|
Definition
|
|
Term
| ____ indicates when an account is no longer active. |
|
Definition
|
|
Term
| Authorization and access are viewed as synonymous and in access control, they are the same step. |
|
Definition
|
|
Term
| ____ attacks may allow an attacker to construct LDAP statements based on user input statements. |
|
Definition
|
|
Term
| A user accessing a computer system must present credentials or ____ when logging on to the system. |
|
Definition
|
|
Term
| A user under Role Based Access Control can be assigned only one ____. |
|
Definition
|
|
Term
| A(n) ____ is a set of permissions that are attached to an object. |
|
Definition
|
|
Term
| The ____ model is the least restrictive. |
|
Definition
|
|
Term
| During RADIUS authentication the AP, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called the ____. |
|
Definition
|
|
Term
| In the UAC dialog boxes, the color ____ indicates the lowest risk. |
|
Definition
|
|
Term
| A shield icon warns users if they attempt to access any feature that requires UAC permission. |
|
Definition
|
|
Term
| The X.500 standard defines a protocol for a client application to access an X.500 directory called ____. |
|
Definition
|
|
Term
| ____ is an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server. |
|
Definition
|
|
Term
| A(n) ____ model is a standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications. |
|
Definition
|
|
Term
| ____ requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals. |
|
Definition
|
|
Term
| ____ requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals. |
|
Definition
|
|
Term
| A user or a process functioning on behalf of the user that attempts to access an object is known as the ____. |
|
Definition
|
|
Term
| ____ accounts are user accounts that remain active after an employee has left an organization. |
|
Definition
|
|
Term
| ____ is an authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users. |
|
Definition
|
|
Term
| The strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server. |
|
Definition
|
|
Term
| The action that is taken by the subject over the object is called a(n) ____. |
|
Definition
|
|
Term
| ____ is considered a more “real world” access control than the other models because the access is based on a user’s job function within an organization. |
|
Definition
| Role Based Access Control |
|
|
Term
Granting permission to take an action
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
A review of credentials
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
Validating credentials as genuine
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
The right given to access
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
A specific resource, such as a file or a hardware device
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
Person responsible for the information
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
Individual to whom day-to-day actions have been assigned
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
User who accesses information in the course of routine job responsibilities
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
A database stored on the network itself that contains information about users and network devices
a.Authorization
b.Custodian
c.Access
d.Object
e.Identification
f.Owner
g.Directory service
h.Authentication
i.End user
|
|
Definition
|
|
Term
| ____ is the time it takes for a key to be pressed and then released. |
|
Definition
|
|
Term
| Windows Live ID was originally designed as a ____ system that would be used by a wide variety of Web servers. |
|
Definition
federated identity management |
|
|
Term
| If a user typically accesses his bank’s Web site from his home computer on nights and weekends, then this information can be used to establish a ____ of typical access. |
|
Definition
|
|
Term
| Using a rainbow table to crack a password requires three steps. |
|
Definition
|
|
Term
| Although brute force and dictionary attacks were once the primary tools used by attackers to crack an encrypted password, today attackers usually prefer ____. |
|
Definition
|
|
Term
| A ____ is a secret combination of letters, numbers, and/or characters that only the user should know. |
|
Definition
|
|
Term
| Trusted OSs have been used since the late 1960s, initially for government and military applications. |
|
Definition
|
|
Term
| ___ accepts spoken words for input as if they had been typed on the keyboard. |
|
Definition
|
|
Term
| Today’s operating systems have roots dating back 20 or more years, well before security was identified as a critical process. |
|
Definition
|
|
Term
| ____ is using a single authentication credential that is shared across multiple networks. |
|
Definition
|
|
Term
| ___ attack is where every possible combination of letters, numbers, and characters is used to create encrypted passwords. |
|
Definition
|
|
Term
| It is predicted that ____ could become a key element in authentication in the future. |
|
Definition
|
|
Term
| ____ permits users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site. |
|
Definition
|
|
Term
| The set of letters, symbols, and characters that make up the password are known as a ____ set. |
|
Definition
|
|
Term
| ____ can use fingerprints or other unique characteristics of a person’s face, hands, or eyes (irises and retinas) to authenticate a user. |
|
Definition
|
|
Term
| The ____ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or % |
|
Definition
|
|
Term
| To create a rainbow table, each ____ begins with an initial password that is encrypted. |
|
Definition
|
|
Term
| The weakness of passwords centers on ____. |
|
Definition
|
|
Term
| Passwords provide strong protection. |
|
Definition
|
|
Term
| Microsoft is Windows ____ is a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy. |
|
Definition
|
|
Term
| ____ is related to the perception, thought process, and understanding of the user. |
|
Definition
|
|
Term
| Due to the limitations of online guessing, most password attacks today use ____. |
|
Definition
|
|
Term
| Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites. |
|
Definition
|
|
Term
| ____ holds the promise of reducing the number of usernames and passwords that users must memorize. |
|
Definition
|
|
Term
| A(n) ____ can also capture transmissions that contain passwords. |
|
Definition
|
|
Term
| An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a ____. |
|
Definition
|
|
Term
A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched with those in a stolen password file
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid |
|
Definition
|
|
Term
Make password attacks easier by creating a large pregenerated data set of encrypted passwords
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid
|
|
Definition
|
|
Term
A Department of Defense (DoD) smart card used for identification for active-duty and reserve military personnel along with civilian employees and special contractors
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid
|
|
Definition
|
|
Term
A government standard for smart cards that covers all government employees
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid
|
|
Definition
|
|
Term
A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid
|
|
Definition
|
|
Term
Using fingerprints or other unique physical characteristics of a person’s face, hands, or eyes for authentication
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid
|
|
Definition
|
|
Term
Authenticating a user by the normal actions that the user performs
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid
|
|
Definition
|
|
Term
A password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid
|
|
Definition
|
|
Term
Prevents a logon after a set number of failed logon attempts within a specified period
a.Standard biometrics
b.CAC
c.Account Lockout Policy
d.Token
e.Brute Force
f.Rainbow tables
g.Behavioral biometrics
h.PIV
i.Hybrid
|
|
Definition
|
|
