Fundamentals of Information Security - C836 - Chapter 2 ||
Answered Perfectly 100%.
What is the difference between verification and authentication of an identity? correct answers
Authentication is the establishment that a claim to one's identity is true, while verification is just
more support for who they are claiming to be
How do you measure the rate at which you fail to authenticate legitimate users in a biometric
system? correct answers This is measured through two metrics the False Rejection Rate and
False Acceptance Rate. Ideally, we want the two to equal each other.
What do you call the process in which the client authenticates to the server and the server
authenticates to the client? correct answers Mutual authentication
A key would be described as which type of authentication factor? correct answers Something you
have
What biometric factor describes how well a characteristic resists change over time? correct
answers Permanence
If you're using an identity card as the basis for your authentication scheme, what steps might you
add to the process to allow you to move to multi factor authentication? correct answers Use two
more different factors are something you know (password), something you are (Iris scan),
something you have (swipe card), something you do (gait (walking) recognition), and the place
you are (at a specific terminal).
If you're using an eight-character password that contain only lowercase characters, would
increasing the length to ten characters represent any significant increase in strength? Why or why
not? correct answers
Name three reasons why an identity card alone might not make an ideal method of authentication
correct answers 1.) an identity card can be stolen.
, 2.) an identity card can be faked.
3.) an identity card information can change.
What factors might you use when implementing a multifactor authentication scheme for users
who are logging onto workstations that are in secure environment and are used by more than one
person? correct answers What you know
What you are
If you're developing a multi factor authentication system for an environment where you might
find larger-than-average numbers of disabled or injured users, such as a hospital, which
authentication factors might you want to use or avoid? Why? correct answers May want to avoid
fingerprints and do retina scans. It might be inconvenient if they are wearing gloves and cannot
reach the authentication device.
Define identification, including "who we claim to be." correct answers This may include who we
claim to be as a person, who a computer system claims to be over the network, who the
originating party of an e-mail claims to be, what authority we claim to have, or similar
transactions. It is important to note that the process of identification does not extend beyond this
claim and does not involve any sort of verification or validation of the identity that we claim.
Define identity verification. correct answers A step beyond identification, but it is still a step
short of authentication, Basically, just additional information to back up who you are claiming to
be
Define authentication and its factors. correct answers Authentication is the set of methods we use
to establish a claim of identity as being true.
It is important to note that authentication only establishes whether the claim of identity that has
been made is correct.
The different factors are something you know (password), something you are (Iris scan),
something you have (swipe card), something you do (gait (walking) recognition), and the place
you are (at a specific terminal).
Answered Perfectly 100%.
What is the difference between verification and authentication of an identity? correct answers
Authentication is the establishment that a claim to one's identity is true, while verification is just
more support for who they are claiming to be
How do you measure the rate at which you fail to authenticate legitimate users in a biometric
system? correct answers This is measured through two metrics the False Rejection Rate and
False Acceptance Rate. Ideally, we want the two to equal each other.
What do you call the process in which the client authenticates to the server and the server
authenticates to the client? correct answers Mutual authentication
A key would be described as which type of authentication factor? correct answers Something you
have
What biometric factor describes how well a characteristic resists change over time? correct
answers Permanence
If you're using an identity card as the basis for your authentication scheme, what steps might you
add to the process to allow you to move to multi factor authentication? correct answers Use two
more different factors are something you know (password), something you are (Iris scan),
something you have (swipe card), something you do (gait (walking) recognition), and the place
you are (at a specific terminal).
If you're using an eight-character password that contain only lowercase characters, would
increasing the length to ten characters represent any significant increase in strength? Why or why
not? correct answers
Name three reasons why an identity card alone might not make an ideal method of authentication
correct answers 1.) an identity card can be stolen.
, 2.) an identity card can be faked.
3.) an identity card information can change.
What factors might you use when implementing a multifactor authentication scheme for users
who are logging onto workstations that are in secure environment and are used by more than one
person? correct answers What you know
What you are
If you're developing a multi factor authentication system for an environment where you might
find larger-than-average numbers of disabled or injured users, such as a hospital, which
authentication factors might you want to use or avoid? Why? correct answers May want to avoid
fingerprints and do retina scans. It might be inconvenient if they are wearing gloves and cannot
reach the authentication device.
Define identification, including "who we claim to be." correct answers This may include who we
claim to be as a person, who a computer system claims to be over the network, who the
originating party of an e-mail claims to be, what authority we claim to have, or similar
transactions. It is important to note that the process of identification does not extend beyond this
claim and does not involve any sort of verification or validation of the identity that we claim.
Define identity verification. correct answers A step beyond identification, but it is still a step
short of authentication, Basically, just additional information to back up who you are claiming to
be
Define authentication and its factors. correct answers Authentication is the set of methods we use
to establish a claim of identity as being true.
It is important to note that authentication only establishes whether the claim of identity that has
been made is correct.
The different factors are something you know (password), something you are (Iris scan),
something you have (swipe card), something you do (gait (walking) recognition), and the place
you are (at a specific terminal).
