Name:     ID: 
 
    Email: 

CNG 131 Chapter 02

True/False
Indicate whether the sentence or statement is true or false.
 

 1. 

Passwords need not be memorized.
 

 2. 

The proliferation of computing has lead to the use of weak personal password techniques.
 

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.
 

 3. 

An example of a good password is:
a.
password
c.
C73&gh2
b.
admin
d.
help
 

 4. 

A small fixed length numerical value that has been computed as a function of an arbitrary number of bits in a messages is called a(n):
a.
authenticator
c.
checksum
b.
ticket
d.
session key
 

 5. 

A set of electronic information that is used to authenticate the identity of a principal to a service is called a(n):
a.
authenticator
c.
checksum
b.
ticket
d.
session key
 

 6. 

A subset of users in a very large system employing Kerberos is called a(n):
a.
peer
c.
server
b.
client
d.
realm
 

 7. 

Using the same key to both encrypt and decrypt a message is called:
a.
public key
c.
symmetric cipher
b.
private key
d.
asymmetric cipher
 

 8. 

Information that is generated using a secret algorithm is called the:
a.
public key
c.
symmetric cipher
b.
private key
d.
asymmetric cipher
 

 9. 

Combining a secret password with a counter that is synchronized with a counter in a server to produce a one-time password is called a(n):
a.
clock-based token
c.
active token
b.
one-time token
d.
counter-based token
 

 10. 

Which of the following are true about a biometric authentication system?
a.
Your chosen biometric needs to be scanned for the first time after your identity has been verified.
b.
Biometric information must be analyzed and placed into an electronic template.
c.
The template is stored in a data repository for later access.
d.
All of the above.
 

 11. 

When an authorized person is not authenticated by biometric means and they are actually who they calm to be it is called a(n):
a.
false positive
c.
false trigger
b.
false negative
d.
biometric authentication
 

 12. 

Biometrics that involves the measurement and analysis of different hand characteristics and measurements is called:
a.
fingerprints
c.
hand geometry
b.
facial recognition
d.
All of the above
 

 13. 

Biometrics that involves analyzing facial characteristics and measurements is called:
a.
fingerprints
c.
hand geometry
b.
facial recognition
d.
All of the above
 
 
131test_files/i0160000.jpg
 

 14. 

The figure above illustrates and example of what type of authentication?
a.
mutual authentication
c.
cross-realm authentication
b.
normal authentication
d.
multifactor authentication
 

 15. 

A unique identity to which Kerberos grants tickets that can be used to access applications is called the:
a.
token
c.
password
b.
principal
d.
peer
 

 16. 

An algorithmic function that takes an input message of arbitrary length and returns an output of fixed-length is called a(n):
a.
nonrepudiation
c.
password guessing
b.
one-way hash function
d.
checksum
 
 
131test_files/i0200000.jpg
 

 17. 

In the process depicted in the figure above, where does the workstation automatically send a requests for the TGT?
a.
Authentication Server
c.
Ticket Granting Server
b.
Key Distribution Center
d.
Service B
 

 18. 

There are many different password conventions, but which of the following is not one of the basic rules.
a.
memorize your password
b.
passwords should be at least six characters long
c.
keep the same password for the entire year so you don't forget it
d.
All of the above
 

 19. 

What assumes that workstations, servers and other devices that are connected to the network are physically secure without a way for an attacker to gain access to a position between the user and a sought service?
a.
authentication
c.
digital certificate
b.
Kerberos
d.
digital signature
 

 20. 

Which of the following is not true of CHAP security issues?
a.
limits the time of exposure to any single attack
b.
not all implementations of CHAP terminate the link when an authentication process has failed
c.
limits the traffic to a subset of the network layer protocols when authentication process fails
d.
passwords should be the same in both directions
 

 21. 

The process by which each party in an electronic communication verifies the identity of the other party is called:
a.
Kerberized
c.
mutual authentication
b.
biometric authentication
d.
multifactor authentication
 

 22. 

The first step in the CHAP challenge-and-response process is:
a.
the authenticating server responds with use approval
b.
the authenticating server sends a challenge to the peer
c.
the peer asks the authenticating server if it can use CHAP
d.
none of the above
 

 23. 

_____________________ keys can be held by individuals, or groups of individuals, that are part of predefined group.
a.
Public
c.
Neutral
b.
Global
d.
Private
 

Matching
 
 
Please match the best term from the list below to the most appropriate concept.
a.
public key
e.
nonrepudiation
b.
private key
f.
biometric authentication
c.
active token
g.
remote access
d.
passive token
h.
behavioral characteristics
 

 24. 

Storage device for base keys.
 

 25. 

Third-party verification.
 

 26. 

Analyze signing your name.
 

 27. 

Something you would keep secret.
 

 28. 

Fingerprint recognition.
 
 
Please match the best term from the list below to the most appropriate concept.
a.
password
e.
checksum
b.
username
f.
security token
c.
ticket
g.
peer
d.
realm
h.
digital signature
 

 29. 

Authentication device that has been assigned to a specific user by an administrator.
 

 30. 

Unique identifier that is used to identify yourself on a computer system.
 

 31. 

Used to verify the authenticity of the sender of a message.
 

 32. 

Subset of users in a very large system employing Kerberos.
 

 33. 

Device that is trying to establish a PPP connection with an authenticator.
 



 
Submit          Reset Help