1 What are the means of authenticating a user's identity?
A. Something the individual knows
B. Something the individual possesses
C. Something the individual is
D. Something the individual does
E. All of the above
F. None of the above
2 Lower the false match rate, better the quality of the security application
True False
3 Countermeasure for the theft of system password file
A. Lockout all passwords
B. Fast reissuance of all passwords
C. Enforce a password policy that makes very difficult to guess password
D. User training
E. All of the above
4 List basic techniques to avoid guessable passwords
5 Smart card contains
A. Microprocessor
B. Small database of password and user information
C. A self-erase mechanism in case of suspected misuse
D. All of the above
6 Biometric system can authorize an user to use a computer system, but it cannot authenticate
True False
7 The function of processor in ATM architecture
8 Type of Access control based on how sensitive and important the Object is
A. DAC - Discretionary Access Control
B. MAC - Mandatory Access Control
C. RBAC - Role based Access Control
D. All of the above
9 Kind of constraint that stipulates that a user can be assigned to a role only if that user was already given another role.
A. Cardinality
B. Mutually Exclusive
C. Prerequisite
D. Any one of the above
10 Match the following
A. Subject 1) That can create resource
B. Object 2) That accesses objects
C. Owner 3) Subjects to give minimal access
D. World 4) Entity whose access to control
11 Write down the main difference between Core RBAC and Hierarchical RBAC
12 The protection mechanism that detects potential attack and alerts the administrators
A. Firewalls
B. Port Scanner
C. TACACS
D. IDPS
E. All of the above
13 The protection mechanism used to authenticate remote users
A. Firewalls
B. Port Scanner
C. TACACS
D. IDPS
E. All of the above
14 Administrators can use this tool to check what Servers are offering what services and are vulnerable to what type of attacks
A. Firewalls
B. Port Scanner
C. TACACS
D. IDPS
E. All of the above
15 Following technology (technologies) help to secure emails
A. PGP
B. S/MIME
C. PEM
D. Digital Certificate
E. All of the above
16 Following technology (technologies) help to secure general web browsing and web-based applications such as this class
A. SET
B. SSL
C. SHTTP
D. SSH
E. All of the above
17 Computer Security: Principles and Practice, Second Edition, by William Stallings and Lawrie Brown. Published by Prentice Hall. Copyright © 2012 by Pearson Education, Inc.
Which one of the following is User authentication protocol
A. X.509
B. Kerboros
C. S/MIME
D. All of the above
18 Write down the improvements made in Version 5 Kerboros
19 Which one of the following is Directory authentication protocol
A. X.509
B. Kerboros
C. S/MIME
D. All of the above
20 This Language support remote procedure calls involving complex data objects
A. XML
B. SOAP
C. WS-Security
D. SAML
E. All of the above
21 This Language helps to exchange security information between desperate systems.
A. XML
B. SOAP
C. WS-Security
D. SAML
E. All of the above
22 List the elements of Public Key Infrastructure (PKIX) Model