Reasons people might be reluctant to use biometrics for authentication is: hygiene or fear of personal injury and false negatives (falsely not being allowed into a system).
Save
Question 2(3 points)
A hash algorithm uses a one-way cryptographic function, whereas both secret-key and public-key systems use two-way (i.e., reversible) cryptographic functions.
Save
Question 3(3 points)
AES uses the Rijndael algorithm.
Save
Question 4(3 points)
Encrypting a message with the sender’s private key ensures proof of receipt of a message.
Save
Question 5(3 points)
Two purpose of using a salt value in storing (hashed) passwords is to prevent password duplication and thwart guessing whether a user has the same password on multiple systems.
Save
Question 6(3 points)
In Role-Based Access Control Systems, a user is assigned no more than one role to limit the damage a user can do.
Save
Question 7(3 points)
If person A uses AES to transmit an encrypted message to person B, which key or keys will A have to use:
Save
Question 8(3 points)
Which one of the following is not a goal of cryptographic systems?
Save
Question 9(3 points)
Mia, Ashley, Mark, and Chris are studying at Café Roma. Who may be putting their personal information at risk (select all that apply)?
Save
Question 10(3 points)
For any organization, understanding the nature of the cybersecurity threat requires knowing at least which of the following elements: (select all that apply)
Save
Question 11(3 points)
There are basically three categories of rules in control models:
Save
Question 12(3 points)
To control access by a subject (____________) to an object () requires management to establish access rules.
Save
Question 13(3 points)
__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.
Save
Question 14(3 points)
IT security management functions include:
Save
Question 15(3 points)
To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol.
Save
Question 16(3 points)
Each individual who is to be included in the database of authorized users must first be __________ in the system.
Save
Question 17(3 points)
A __________ is an entity capable of accessing objects.
Save
Question 18(3 points)
Based on the concept in Chapter 4, the final permission bit is the _________ bit.
Save
Question 19(3 points)
What is the general term for the process of protecting objects that are part of the multiprocessing environment?
Save
Question 20(3 points)
__________ defines user authentication as “the process of verifying an identity claimed by or for a system entity”.
Save
Question 21(3 points)
Recognition by fingerprint, retina, and face are examples of __________.
Save
Question 22(3 points)
The __________ strategy is when users are told the importance of using hard to guess passwords and provided with guidelines for selecting strong passwords.
Save
Question 23(3 points)
To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol.
Save
Question 24(3 points)
An institution that issues debit cards to cardholders and is responsible for the cardholder’s account and authorizing transactions is the _________.
Save
Question 25(3 points)
Any program that is owned by, and SetUID to, the “superuser” potentially grants unrestricted access to the system to any user executing that program.
Save
Question 26(3 points)
The main innovation of the NIST standard is the introduction of the RBAC System and Administrative Functional Specification,which defines the features required for an RBAC system.
Save
Question 27(3 points)
__________ is the traditional method of implementing access control.
Save
Question 28(3 points)
A concept that evolved out of requirements for military information security is ______ .
Save
Question 29(3 points)
The default set of rights should always follow the rule of least privilege or read-only access.
Save
Question 30(3 points)
The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner.
Save
Question 31(3 points)
__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.
Save
Question 32(3 points)
_________ is the granting of a right or permission to a system entity to access a system resource.
Save
Question 33(3 points)
A __________ is a named job function within the organization that controls this computer system.
Save
Question 34(6 points)
Can a user cleared for <secret; {dog, cat, pig}> have access to documents classified in each of the following ways under the military security model? (6 points)
Dr Kathy William
10 years ago
20
