Question 1

A __________ is directed at the user file at the host where passwords,token passcodes,or biometric templates are stored.
A)eavesdropping attack
B)client attack
C)denial-of-service attack
D)host attack

Accepted Answer

A host attack targets the user file at the host where sensitive information like passwords, token passcodes, or biometric templates are stored. The attacker gains unauthorized access to these files in order to steal or manipulate the data.

Question 2

A __________ attack involves an adversary repeating a previously captured user response.
A)client
B)Trojan horse
C)replay
D)eavesdropping

Accepted Answer

A replay attack involves an adversary capturing a user response and replaying it later. This can be used to gain unauthorized access to a system or data by pretending to be the legitimate user who originally provided the captured response.

Question 3

A __________ is a separate file from the user IDs where hashed passwords are kept.

Accepted Answer

The answer of A __________ is a separate file from...

Question 4

Authentication protocols used with smart tokens can be classified into three categories: static,dynamic password generator,and ___________.

Accepted Answer

The answer of Authentication protocols used with smart tokens can...

Question 5

A host generated random number is often called a __________.

Accepted Answer

The answer of A host generated random number is often...

Question 6

Voice pattern,handwriting characteristics,and typing rhythm are examples of __________ biometrics.

Accepted Answer

The answer of Voice pattern,handwriting characteristics,and typing rhythm are examples...

Question 7

Objects that a user possesses for the purpose of user authentication are called ______.

Accepted Answer

The answer of Objects that a user possesses for the...

Question 8

The technique for developing an effective and efficient proactive password checker based on rejecting words on a list is based on the use of a __________ filter.

Accepted Answer

The answer of The technique for developing an effective and...

Question 9

To counter threats to remote user authentication,systems generally rely on some form of ___________ protocol.
A)eavesdropping
B)challenge-response
C)Trojan horse
D)denial-of-service

Accepted Answer

Challenge-response protocols are commonly used to authenticate remote users. This involves the user providing a response to a challenge presented by the system, which proves their identity. This method is more secure than simply entering a username and password, as the response is generated using a secret key known only to the user and the system. Eavesdropping, Trojan horse attacks, and denial-of-service attacks are all potential threats to remote user authentication that challenge-response protocols can help to mitigate.

Question 10

With the __________ strategy a user is allowed to select their own password,but the system checks to see if the password is allowable.

Accepted Answer

The answer of With the __________ strategy a user is...

Question 11

An institution that issues debit cards to cardholders and is responsible for the cardholder's account and authorizing transactions is the _________.
A)cardholder
B)issuer
C)auditor
D)processor

Accepted Answer

The issuer is the institution responsible for issuing debit cards to cardholders and managing their accounts. The other options - cardholder, auditor, and processor - are not responsible for issuing debit cards and authorizing transactions.

Question 12

The __________ is the pattern formed by veins beneath the retinal surface.

Accepted Answer

The answer of The __________ is the pattern formed by...

Question 13

__________ allows an issuer to access regional and national networks that connect point of sale devices and bank teller machines worldwide.
A)EFT
B)ATM
C)POS
D)ALF

Accepted Answer

EFT (Electronic Funds Transfer) allows an issuer to access regional and national networks that connect point of sale devices and bank teller machines worldwide. This enables the issuer to process transactions and authorize payments globally. ATM (automated teller machine) and POS (point of sale) are specific types of devices that are connected to the EFT network. ALF is not a relevant term in this context.

Question 14

A __________ authentication system attempts to authenticate an individual based on his or her unique physical characteristics.

Accepted Answer

The answer of A __________ authentication system attempts to authenticate...

Question 15

Each individual who is to be included in the database of authorized users must first be __________ in the system.
A)verified
B)identified
C)authenticated
D)enrolled

Accepted Answer

To be included in the database of authorized users, an individual must first enroll in the system. Verification, identification, and authentication may all be steps in the enrollment process, but the most important requirement is that the individual's information is entered into the system to grant access privileges.

Question 16

__________ systems identify features of the hand,including shape,and lengths and widths of fingers.
A)Signature
B)Fingerprint
C)Hand geometry
D)Palm print

Accepted Answer

Hand geometry systems use measurements such as finger lengths and widths, hand shape, and other physical characteristics of the hand to identify individuals. Signature and fingerprint systems are different biometric technologies that use different identifying features. Palm print systems specifically focus on the unique pattern of lines on the palm of the hand.

Question 17

An authentication process consists of the _________ step and the verification step.

Accepted Answer

The answer of An authentication process consists of the _________...

Question 18

__________,in the context of passwords,refers to an adversary's attempt to learn the password by observing the user,finding a written copy of the password,or some similar attack that involves the physical proximity of user and adversary.

Accepted Answer

The answer of __________,in the context of passwords,refers to an...

Question 19

A __________ is when an adversary attempts to achieve user authentication without access to the remote host or to the intervening communications path.
A)client attack
B)host attack
C)eavesdropping attack
D)Trojan horse attack

Accepted Answer

The answer of A __________ is when an adversary attempts...

Question 20

The most common means of human-to-human identification are __________.
A)facial characteristics
B)retinal patterns
C)signatures
D)fingerprints

Accepted Answer

The answer of The most common means of human-to-human identification...

Quiz 3: User Authentication

A __________ is directed at the user file at the host where passwords,token passcodes,or biometric templates are stored.

A __________ attack involves an adversary repeating a previously captured user response.

A __________ is a separate file from the user IDs where hashed passwords are kept.

Authentication protocols used with smart tokens can be classified into three categories: static,dynamic password generator,and ___________.

A host generated random number is often called a __________.

Voice pattern,handwriting characteristics,and typing rhythm are examples of __________ biometrics.

Objects that a user possesses for the purpose of user authentication are called ______.

The technique for developing an effective and efficient proactive password checker based on rejecting words on a list is based on the use of a __________ filter.

To counter threats to remote user authentication,systems generally rely on some form of ___________ protocol.

With the __________ strategy a user is allowed to select their own password,but the system checks to see if the password is allowable.

An institution that issues debit cards to cardholders and is responsible for the cardholder's account and authorizing transactions is the _________.

The __________ is the pattern formed by veins beneath the retinal surface.

__________ allows an issuer to access regional and national networks that connect point of sale devices and bank teller machines worldwide.

A __________ authentication system attempts to authenticate an individual based on his or her unique physical characteristics.

Each individual who is to be included in the database of authorized users must first be __________ in the system.

__________ systems identify features of the hand,including shape,and lengths and widths of fingers.

An authentication process consists of the _________ step and the verification step.

__________,in the context of passwords,refers to an adversary's attempt to learn the password by observing the user,finding a written copy of the password,or some similar attack that involves the physical proximity of user and adversary.

A __________ is when an adversary attempts to achieve user authentication without access to the remote host or to the intervening communications path.

The most common means of human-to-human identification are __________.