INFORMATION SECURITY FINAL EXAM
QUESTIONS AND ANSWERS 100% PASS
Authorization - ANS After the succesful authentication, the authentication next step is:
username and password - ANS In authorization factors, something you know is:
keystroke dynamics - ANS In authentication factor, what do you do:
wireshark - ANS For sniffing of the credentials, the best software is:
Hash value - ANS Once the user enters his/her password, then the system converts the
password into
False - ANS Hash functions is extremely easy to reverse. True or false
Fixed and same - ANS Regardless the length of the password, the hash functions always
creates ______ size of hash
SAM File - ANS The password file stored on windows computer is termed as:
1 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
,True - ANS Search space is the all possible passwords. True or false
True - ANS If we increase the length of the password, the size of the search space becomes
longer. True or false
Number of trials for 50% success rate - ANS The formula V=S/2L: here V denotes _______
False - ANS Bio-metrics and tokens are a good choice for a household environment. True or
false
False - ANS Credit and debit cards are examples of Active tokens. True or false
False - ANS Likelihood that the system may authenticate unauthorized people is: false
rejection rate. True or false
True - ANS In challenge response authentication, the user is provided with challenge (random
number) & the user uses his/her base code to find the response. True or false
False - ANS Offline attacks are easy to detect. True or false
False - ANS Shoulder surfing is not a problem at work. True or false
Passive - ANS _____ tokens store the credentials permanently in ROM & the credentials are
static
Hash Value - ANS Usually, the response of the challenge (send by Authentication system) is
_____ calculated with Base Secret
2 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
, Track the failed password attempts - ANS To avoid strong risks, which should be the best
technique to detect the guessing attack:
Access Control System - ANS Grants or denies the access to specific equipment and
resources?
Logical - ANS _____access control control the access of computer, networks and
computational systems.
Security Kernel - ANS _____is a security system that enforced access control for
computational systems
True - ANS Security Kernel is usually a centralized system. True or false
Subjects - ANS In Access control systems, the users are known as:
Single sign on (SSO) - ANS Which access control is more suitable in Multi vendor
environment:
Discretionary Access Control (DAC) - ANS Which is the least restricted access control model:
Mandatory Access Control (MAC) - ANS Which is the most restricted access control model:
Rule Based Access Control (RBAC) - ANS Which is the best method for dynamic organizations,
where rules can be assigned to objects.
3 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
QUESTIONS AND ANSWERS 100% PASS
Authorization - ANS After the succesful authentication, the authentication next step is:
username and password - ANS In authorization factors, something you know is:
keystroke dynamics - ANS In authentication factor, what do you do:
wireshark - ANS For sniffing of the credentials, the best software is:
Hash value - ANS Once the user enters his/her password, then the system converts the
password into
False - ANS Hash functions is extremely easy to reverse. True or false
Fixed and same - ANS Regardless the length of the password, the hash functions always
creates ______ size of hash
SAM File - ANS The password file stored on windows computer is termed as:
1 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
,True - ANS Search space is the all possible passwords. True or false
True - ANS If we increase the length of the password, the size of the search space becomes
longer. True or false
Number of trials for 50% success rate - ANS The formula V=S/2L: here V denotes _______
False - ANS Bio-metrics and tokens are a good choice for a household environment. True or
false
False - ANS Credit and debit cards are examples of Active tokens. True or false
False - ANS Likelihood that the system may authenticate unauthorized people is: false
rejection rate. True or false
True - ANS In challenge response authentication, the user is provided with challenge (random
number) & the user uses his/her base code to find the response. True or false
False - ANS Offline attacks are easy to detect. True or false
False - ANS Shoulder surfing is not a problem at work. True or false
Passive - ANS _____ tokens store the credentials permanently in ROM & the credentials are
static
Hash Value - ANS Usually, the response of the challenge (send by Authentication system) is
_____ calculated with Base Secret
2 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
, Track the failed password attempts - ANS To avoid strong risks, which should be the best
technique to detect the guessing attack:
Access Control System - ANS Grants or denies the access to specific equipment and
resources?
Logical - ANS _____access control control the access of computer, networks and
computational systems.
Security Kernel - ANS _____is a security system that enforced access control for
computational systems
True - ANS Security Kernel is usually a centralized system. True or false
Subjects - ANS In Access control systems, the users are known as:
Single sign on (SSO) - ANS Which access control is more suitable in Multi vendor
environment:
Discretionary Access Control (DAC) - ANS Which is the least restricted access control model:
Mandatory Access Control (MAC) - ANS Which is the most restricted access control model:
Rule Based Access Control (RBAC) - ANS Which is the best method for dynamic organizations,
where rules can be assigned to objects.
3 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
