Reasons people might be reluctant to use biometrics for authentication is

Reasons people might be reluctant to use biometrics for authentication is: hygiene or fear of personal injury and false negatives (falsely not being allowed into a system).

A hash algorithm  uses a one-way cryptographic function, whereas both secret-key and public-key systems use two-way (i.e., reversible) cryptographic functions.

AES uses the Rijndael algorithm.

Encrypting a message with the sender’s private key ensures proof of receipt of a message.

Two purpose of using a salt value in storing (hashed) passwords is to prevent password duplication and thwart guessing whether a user has the same password on multiple systems.

In Role-Based Access Control Systems, a user is assigned no more than one role to limit the damage a user can do.

If person A uses AES to transmit an encrypted message to person B, which key or keys will A have to use:

Which one of the following is not a goal of cryptographic systems?

Mia, Ashley, Mark, and Chris are studying at Café Roma. Who may be putting their personal information at risk (select all that apply)?

For any organization, understanding the nature of the cybersecurity threat requires knowing at least which of the following elements: (select all that apply)

There are basically three categories of rules in control models:

To control access by a subject (____________) to an object (              ) requires management to establish access rules.

__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

IT security management functions include:

To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol.

Each individual who is to be included in the database of authorized users must first be __________ in the system.

A __________ is an entity capable of accessing objects.

Based on the concept in Chapter 4, the final permission bit is the _________ bit.

What is the general term for the process of protecting objects that are part of the multiprocessing environment?

__________ defines user authentication as “the process of verifying an identity claimed by or for a system entity”.

Recognition by fingerprint, retina, and face are examples of __________.

The __________ strategy is when users are told the importance of using hard to guess passwords and provided with guidelines for selecting strong passwords.

To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol.

An institution that issues debit cards to cardholders and is responsible for the cardholder’s account and authorizing transactions is the _________.

Any program that is owned by, and SetUID to, the “superuser” potentially grants unrestricted access to the system to any user executing that program.

The main innovation of the NIST standard is the introduction of the RBAC System and Administrative Functional Specification,which defines the features required for an RBAC system.

__________ is the traditional method of implementing access control.

A concept that evolved out of requirements for military information security is ______ .

The default set of rights should always follow the rule of least privilege or read-only access.

The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner.

__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

_________ is the granting of a right or permission to a system entity to access a system resource.

A __________ is a named job function within the organization that controls this computer system.

Can a user cleared for <secret; {dog, cat, pig}> have access to documents classified in each of the following ways under the military security model? (6 points)

Yes/No

1. <top secret; dog>             _________________
2. <secret; {dog}>                 __________________
3. <secret; {dog, cow}>        __________________
4. <secret; {moose}>                           _________________
5. <confidential; {dog, cat, pig}>      _________
6. <confidential; {moose}> __________________