
Domain 4 Quiz
-
Jenny can unlock her work mobile phone by drawing a pattern
on the screen with her finger.
This mode of authentication verifies:
- Something you know
- Something you have
- Something you are
- Something you do
- Somewhere you are
-
To enter the server room Joe must pass through a mantrap,
entering a PIN on a keypad at the outer door,
entering the mantrap and closing the door behind him,
swiping his badge on the reader,
then typing a password into a keyboard by the inner door.
How many factors is this?
- 1
- 2
- 3
- 4
-
To enter the server room Joe must
be recognized by the guard,
enter a PIN on the keypad,
and place his hand on a scanner.
How many factors is this?
- 1
- 2
- 3
- 4
-
To enter the server room Joe must
be recognized by the guard,
show the guard his badge,
and enter a PIN on the keypad.
How many factors is this?
- 1
- 2
- 3
- 4
-
Joe has been given a Post-It note with a PIN written on it.
To enter the server room he must
be recognized by the guard,
tell the guard the passphrase of the day,
and enter the PIN on the keypad.
How many factors is this?
- 1
- 2
- 3
- 4
-
Yoyodyne Corporation plans to use Active Directory
for single sign-on throughout the enterprise.
Which network protocols must be added to the ALLOW
list in all internal router ACLs?
Select two.
- LDAP
- LDAPS
- Kerberos
- X.500
-
Dmitri's company wants to establish SSO.
The initial analysis concluded that they need a system
that handles both authentication and authorization with tokens.
Dmitri has concluded that the protocol used by Facebook and
LinkedIn is the most promising.
He is favoring:
- SAML
- OAuth
- OpenID
- WS-Federation
- Shibboleth
-
Kristina works at a financial services firm that suffered a
major breach.
They have implemented a centralized AAA system regulating
access to the Intranet.
After proving their identity with a smart card and a
complex passphrase, users are connected to the appropriate
VLAN.
Internal services are only provided to user sessions holding
valid service tickets.
Intranet activity records are continuously analyzed to
detect inappropriate or malicious activity.
Identify this latter activity.
- Identification
- Authentication
- Authorization
- Auditing
-
Pedro's manager has been given a recommendation that they
implement a single sign-on solution in which user sessions
will have cryptographic software tokens providing
their identity,
their authorization to use services,
and the cryptographic keys used to secure their communication.
What should Pedro recommend?
- Kerberos
- RADIUS
- SAML
- VPN
-
Mikhail, a system administrator, has been asked by Kelli,
a database administrator, to create an account for the new
database project.
The account should require authenticated access,
have auditing enabled,
but be incapable of interaction,
with credentials that rarely if ever change.
What type of account should Mikhail create?
- Ordinary user
- Privileged user
- Administrator
- Guest
- Service
- Management
apache or nginx owning the web service configuration file, logs, and web service processes.
The question is really: "What do we call these types of accounts, service or management?"
-
Which password policy setting would require a user to
include both digits and special characters in their
password?
- Prohibiting dictionary words
- Length
- Complexity
- Maximum age
- Minimum age
- Expiration
-
Akira authenticates with a device that displays a different
value every minute.
What is this an example of?
- Multi-factor
- OTP
- HOTP
- TOTP
-
Kerberos provides which three of the following?
Select three.
- Network intrusion detection
- ESSO
- Cryptographic key control
- Log analysis and alerting
- An API supporting third-party applications
- A "single pane of glass" dashboard
-
Functional SSO must incorporate which of the following?
- Active Directory
- RADIUS
- Federated identity management
- Kerberos
-
Which of these is an XML-based open-source standard that
involves an IdP or Identity Provider,
an SP or Service Provider, and a Principal,
and is the basis for several other authentication systems?
- SAML
- OAuth
- OpenID
- Shibboleth
- WS-Federation
-
A military contractor is very worried about physical intrusion.
They need to keep unauthorized individuals out of sensitive
areas.
Inappropriately allowing an unauthorized individual into
an area is classified as which of the following:
- False Acceptance
- False Rejection
- False Positive
- False Negative
- Fail Open
- Fail Closed
-
Which of these is an open-source standards-based solution
for single sign-on web authentication, based largely on SAML?
- OAuth
- OpenID
- EAP-TLS
- Shibboleth
- WS-Federation
-
Mutual authentication involves which two?
Select two.
- Client authenticating the server
- Client authorizing the server
- Server authenticating the client
- Server authorizing the client
Passing = 82% of 18 = 14.8
Goal = 91% of 18 = 16.4