Scribd
Upload
52 views2 pages

FCF - Technical Introduction To Cybersecurity 1 0 Self-Paced Module 3 Authentication and Access Control

The document consists of a series of multiple-choice questions related to authentication methods, access control principles, and responsibilities of governing bodies in cybersecurity. It covers topics such as possession-based authentication, the principle of least privilege, multi-factor authentication, and the role of entities in the authentication process. Additionally, it addresses protocols for single sign-on and attributes used in access control schemes.

Uploaded by

francisco de jesus
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
52 views2 pages

FCF - Technical Introduction To Cybersecurity 1 0 Self-Paced Module 3 Authentication and Access Control

The document consists of a series of multiple-choice questions related to authentication methods, access control principles, and responsibilities of governing bodies in cybersecurity. It covers topics such as possession-based authentication, the principle of least privilege, multi-factor authentication, and the role of entities in the authentication process. Additionally, it addresses protocols for single sign-on and attributes used in access control schemes.

Uploaded by

francisco de jesus
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Question 1: Which is an example of a possession-based authentication method?

 Texting a one-time code through SMS


 Using your eye to pass a biometric lock
 Having your password written down in a secure location
 Carrying your laptop home
Question 2: Which two are aspects of the principle of least privilege? (Choose two.)
 Allowing easy, baseline access for all
 Allowing only what users and devices need
 Allowing access until proven otherwise
 Reducing error by minimizing access
Question 3: Which two are the responsibilities of an authentication governing body? (Choose two.)
 Creating disaster recovery policies
 User onboarding
 Reviewing the password strength policy
 User certification
Question 4: What type of access control allows the device or person performing the authentication the
ability to allow or deny access?
 Lattice-based access control
 Discretionary access control
 Role-based access control
 Mandatory access control
Question 5: Which two should be selected to create secure multi-factor authentication to access
a computer system? (Choose two.)
 Smart Card
 Voice identification
 Height sensor
 Password
Question 6: Which two are performed by the supplicant in 802.1x authentication? (Choose two.)
 Verifying identity
 Providing identity
 Connecting to a network
 Sending an accept message to the intermediary
Question 7: What does a NAC use to identify attached devices and allow access?
 Retinal pattern
 Device memory size
 Username
 Device profile
Question 8: Which one makes the allow or deny decision in the authentication process?
 Authentication server
 Supplicant
 Access point
 Intermediary
Question 9: Which protocol can perform SSO?
 TCP
 DNS
 CHAP
 Kerberos
Question 10: Which type of access control scheme does a NAC apply?
 Mandatory access control
 Attribute-based access control
 Lattice-based access control
 Discretionary access control
Question 11: In SSO authentication, which two entities know the unhashed credentials? (Choose two.)
 Service provider
 User
 Internet service provider
 Identify provider
Question 12: Which three can be used as attributes in attribute-based access control? (Choose three.)
 MAC address
 DHCP IP address
 Hours in a day
 Time of day

You might also like