it security defense against the digital dark arts week 3 answers
Authentication
1. How is authentication different from authorization?
- Authentication is verifying access to a resource; authorization is verifying an identity.
- Authentication is identifying a resource; authorization is verifying access to an identity.
- They’re the same thing.
- Authentication is verifying an identity; authorization is verifying access to a resource.
2. What are some characteristics of a strong password? Check all that apply,
- Includes numbers and special characters
- Is used across accounts and systems
- Contains dictionary words
- Is at least eight characters long
3. In a multi-factor authentication scheme, a password can be thought of as:
- something you have.
- something you use.
- something you know.
- something you are.
4. What are some drawbacks to using biometrics for authentication? Check all that apply.
- Biometric authentication is difficult or impossible to change if compromised.
- Biometrics are easy to share.
- There are potential privacy concerns.
- Biometric authentication is much slower than alternatives.
5. In what way are U2F tokens more secure than OTP generators?
- They can’t be cloned.
- They’re password-protected.
- They’re cheaper.
- They’re resistant to phishing attacks.
6. What elements of a certificate are inspected when a certificate is verified? Check all that apply.
- Trust of the signatory CA
- “Not valid before” date
- Certificate key size
- “Not valid after” date
7. What is a CRL?
- Certificate Revocation List
- Certificate Recording Language
- Caramel Raspberry Lemon
- Certified Recursive Listener
8. What are the names of similar entities that a Directory server organizes entities into?
- Clusters
- Groups
- Tress
- Organizational Units
9. True or false: The Network Access Server handles the actual authentication in a RADIUS scheme.
- True
- False
11. What does a Kerberos authentication server issue to a client that successfully authenticates?
- An encryption key
- A ticket-granting ticket
- A master password
- A digital certificate
12. What advantages does single sign-on offer? Check all that apply.
- It reduces the total number of credentials,
- It enforces multifactor authentication.
- It reduces time spent authenticating.
- It provides encrypted authentication.
13. What does OpenID provide?
- Certificate signing
- Digital signatures
- Authentication delegation
- Cryptographic hashing