Biometrics authentication systems

Exam Questions Part 1: Very Short Answers (2 Points Each) T F Biometrics authentication systems can be subject to the following attacks: Replay, spoofing and false matching attacks. Answer: ____ __________ is/are the foundation of most access controls to ensure CIA (Select one). Confidentiality and integrity Authentication validating one’s claimed identity Monitoring and auditing System isolation Answer: ____ 3. T F A hash algorithm uses a one-way cryptographic function, whereas both secret-key and public-key systems use two-way (i.e., reversible) cryptographic functions.Answer: ____ 4. T F 3DES (Triple DES) requires the use of three independent keys. Answer: _____ T F AES uses the Rijndael algorithm. Answer: _____ T F Encrypting a message with the sender’s private key ensures proof of receipt of a message. Answer: _____ T F Two purpose of using a salt value in storing (hashed) passwords is to prevent password duplication and thwart guessing whether a user has the same password on multiple systems. Answer: _____ T F In Role-Based Access Control Systems, a user is assigned no more than one role to limit the damage a user can do. Answer: _____ If person A uses AES to transmit an encrypted message to person B, which key or keys will A have to use: A’s private key A’s public key B’s private key B’s public key None of the keys listed above Answer(s): ____ Which one of the following is not a goal of cryptographic systems? Nonrepudiation Confidentiality Availability Integrity Answer: _______ Part 2: Short Answers (10 points each). Please answer briefly and completely, and cite all sources of information. Please restrict your answer for each question to three fourth (3/4) of a page (double spaced) or less. Explain multi-factor (multiple means of) authentication of a user and give two examples for each authentication factor. Describe the fundamental principles in both the Bell-LaPadula and Biba security models. For each,...