Need Nursing, Psychology, Sociology, SOAP Notes / Decision Trees Writing Help? You are sorted. ORDER NOW »»

Reasons people might be reluctant to use biometrics for authentication is: hygiene or fear of personal injury and false negatives (falsely not being allowed into a system).

We will write a custom paper on

Reasons people might be reluctant to use biometrics for authentication is

specifically for you
Order Now»»
Question 1 options:

Save

Question 2 (3 points)

 Question 2 Saved

A hash algorithm  uses a one-way cryptographic function, whereas both secret-key and public-key systems use two-way (i.e., reversible) cryptographic functions.

Question 2 options:

Save

Question 3 (3 points)

 Question 3 Saved

AES uses the Rijndael algorithm.

Question 3 options:

Save

Question 4 (3 points)

 Question 4 Unsaved

Encrypting a message with the sender’s private key ensures proof of receipt of a message.

Question 4 options:

Save

Question 5 (3 points)

 Question 5 Unsaved

Two purpose of using a salt value in storing (hashed) passwords is to prevent password duplication and thwart guessing whether a user has the same password on multiple systems.

Question 5 options:

Save

Question 6 (3 points)

 Question 6 Unsaved

In Role-Based Access Control Systems, a user is assigned no more than one role to limit the damage a user can do.

Question 6 options:

Save

Question 7 (3 points)

 Question 7 Unsaved

If person A uses AES to transmit an encrypted message to person B, which key or keys will A have to use:

Question 7 options:

A’s private key

A’s public key

B’s private key or public key

None of the keys listed above

Save

Question 8 (3 points)

 Question 8 Unsaved

Which one of the following is not a goal of cryptographic systems?

Question 8 options:

Nonrepudiation

Availability

onfidentiality

Integrity

Save

Question 9 (3 points)

 Question 9 Unsaved

Mia, Ashley, Mark, and Chris are studying at Café Roma. Who may be putting their personal information at risk (select all that apply)?

Question 9 options:

Chris logs in to eLearning to work on an assignment that does not contain sensitive information.

Ashley turns off the wireless option when working on files that don’t need an Internet connection.

Mark is paying credit card bills on-line.

Mia takes a break from studying by doing some online shopping. She buys shoes from a site she’s never visited before.

Save

Question 10 (3 points)

 Question 10 Unsaved

For any organization, understanding the nature of the cybersecurity threat requires knowing at least which of the following elements: (select all that apply)

Question 10 options:

number and types of security guards

number and types of vulnerabilities that exist in a system

number and types of likely threats to a system

number and types of employees

Save

Question 11 (3 points)

 Question 11 Unsaved

There are basically three categories of rules in control models:

Question 11 options:

Mandatory, control, and access

Discretionary, mandatory and protection

Non-discretionary, discretionary and logical control

Mandatory, discretionary, and non-discretionary

Save

Question 12 (3 points)

 Question 12 Unsaved

To control access by a subject (____________) to an object (              ) requires management to establish access rules.

Question 12 options:

person or program, files or device

os or memory, files or device

person or program, access or control

none of the above

Save

Question 13 (3 points)

 Question 13 Unsaved

__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

Question 13 options:

Audit control

Access control

System control

Resource control

Save

Question 14 (3 points)

 Question 14 Unsaved

IT security management functions include:

Question 14 options:

determining organizational IT security objectives, strategies, and policies

detecting and reacting to incidents

specifying appropriate safeguards

all of the above

Save

Question 15 (3 points)

 Question 15 Unsaved

To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol.

Question 15 options:

challenge-response

eavesdropping

Trojan horse

denial-of-service

Save

Question 16 (3 points)

 Question 16 Unsaved

Each individual who is to be included in the database of authorized users must first be __________ in the system.

Question 16 options:

verified

authenticated

enrolled

identified

Save

Question 17 (3 points)

 Question 17 Unsaved

A __________ is an entity capable of accessing objects.

Question 17 options:

group

object

subject

owner

Save

Question 18 (3 points)

 Question 18 Unsaved

Based on the concept in Chapter 4, the final permission bit is the _________ bit.

Question 18 options:

superuser

kernel

sticky

user

Save

Question 19 (3 points)

 Question 19 Unsaved

What is the general term for the process of protecting objects that are part of the multiprocessing environment?

Question 19 options:

Memory segmentation

Multitasking

Process control

Access control

Save

Question 20 (3 points)

 Question 20 Unsaved

__________ defines user authentication as “the process of verifying an identity claimed by or for a system entity”.

Question 20 options:

RFC4949

RFC2298

RFC2493

RFC2328

Save

Question 21 (3 points)

 Question 21 Unsaved

Recognition by fingerprint, retina, and face are examples of __________.

Question 21 options:

face recognition

dynamic biometrics

static biometrics

token authentication

Save

Question 22 (3 points)

 Question 22 Unsaved

The __________ strategy is when users are told the importance of using hard to guess passwords and provided with guidelines for selecting strong passwords.

Question 22 options:

reactive password checking

proactive password checking

user education

computer-generated password

Save

Question 23 (3 points)

 Question 23 Unsaved

To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol.

Question 23 options:

eavesdropping

challenge-response

Trojan horse

denial-of-service

Save

Question 24 (3 points)

 Question 24 Unsaved

An institution that issues debit cards to cardholders and is responsible for the cardholder’s account and authorizing transactions is the _________.

Question 24 options:

cardholder

issuer

auditor

processor

Save

Question 25 (3 points)

 Question 25 Unsaved

Any program that is owned by, and SetUID to, the “superuser” potentially grants unrestricted access to the system to any user executing that program.

Question 25 options:

Save

Question 26 (3 points)

 Question 26 Unsaved

The main innovation of the NIST standard is the introduction of the RBAC System and Administrative Functional Specification,which defines the features required for an RBAC system.

Question 26 options:

Save

Question 27 (3 points)

 Question 27 Unsaved

__________ is the traditional method of implementing access control.

Question 27 options:

MAC

RBAC

MBAC

DAC

Save

Question 28 (3 points)

 Question 28 Unsaved

A concept that evolved out of requirements for military information security is ______ .

Question 28 options:

reliable input

mandatory access control

discretionary input

open and closed policies

Save

Question 29 (3 points)

 Question 29 Unsaved

The default set of rights should always follow the rule of least privilege or read-only access.

Question 29 options:

Save

Question 30 (3 points)

 Question 30 Unsaved

The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner.

Question 30 options:

Save

Question 31 (3 points)

 Question 31 Unsaved

__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

Question 31 options:

Audit control

Resource control

System control

Access control

Save

Question 32 (3 points)

 Question 32 Unsaved

_________ is the granting of a right or permission to a system entity to access a system resource.

Question 32 options:

Authorization

Authentication

Monitoring

Control

Save

Question 33 (3 points)

 Question 33 Unsaved

A __________ is a named job function within the organization that controls this computer system.

Question 33 options:

permission

role

user

session

Save

Question 34 (6 points)

 Question 34 Unsaved

Can a user cleared for <secret; {dog, cat, pig}> have access to documents classified in each of the following ways under the military security model? (6 points)

Yes/No

  1. <top secret; dog>             _________________
  2. <secret; {dog}>                 __________________
  3. <secret; {dog, cow}>        __________________
  4. <secret; {moose}>                           _________________
  5. <confidential; {dog, cat, pig}>      _________
  6. <confidential; {moose}> __________________

Ultra Fast Custom Academic Help

Order Now

error: