Hard Token Authentication Quiz

Which type of security control is applied and enforced by digital or cyber systems and software?

Access controls
Physical controls
Logical controls (correct)
Procedural controls

What is the function of authentication in an access control system?

Minimizing risks relating to personal or company property
Identifying everything using the system (correct)
Controlling network communications
Allowing access to resources with defined permissions

Which of the following is an example of a physical control?

Antivirus software
User authentication
Firewall
Fences (correct)

Which group is used when assigning permissions and rights in Windows?

Administrators group (A) Signup and view all the answers

Which group has the same default permissions and rights as the User group?

Users group (B) Signup and view all the answers

Which group is present to support legacy applications but has the same permissions as the standard Users group in Windows 10/11?

Power Users group (D) Signup and view all the answers

Which account is automatically added to the Administrators group during setup?

Microsoft user (B) Signup and view all the answers

Which of the following is NOT a way to identify a subject in an Access Control List (ACL)?

Username (A) Signup and view all the answers

What is the principle of implicit deny in ACL security?

Access is denied unless specified otherwise (B) Signup and view all the answers

What is the principle of least privilege in access control?

Granting minimum possible rights to a user (A) Signup and view all the answers

Which of the following is an example of a least privilege security control?

User Account Control (UAC) (B) Signup and view all the answers

What is the difference between a local account and a Microsoft account in Windows?

A local account can be used to log on to any computer (D) Signup and view all the answers

What is the purpose of UAC in Windows?

To protect the system against malicious scripts and attacks (D) Signup and view all the answers

Which account is not subject to UAC?

The default "Administrator" user account (B) Signup and view all the answers

What is the purpose of authentication in an access control system?

To verify the credentials of the account holder (C) Signup and view all the answers

Which type of bio gesture authentication uses a sensor to scan the unique features of the user's fingerprint?

Fingerprint (D) Signup and view all the answers

What does SSO stand for?

Single Sign-On (A) Signup and view all the answers

What is the disadvantage of using passwords in SSO systems?

Compromising the account also compromises multiple services (C) Signup and view all the answers

How does Windows Hello for Business mitigate the risks of using passwords in SSO systems?

By using encryption key pairs (A) Signup and view all the answers

Which device is typically compliant with Fast Identity Online (FIDO) version 2 standards?

Hard token (A) Signup and view all the answers

What is the preferred system for network authentication in Windows network sign-in?

Kerberos (A) Signup and view all the answers

Which component compares the submitted credential to the one stored in the Security Accounts Manager (SAM) database?

Local Security Authority (LSA) (B) Signup and view all the answers

What is the purpose of a PIN in Windows Hello?

To act as a backup mechanism (A) Signup and view all the answers

Which of the following is NOT considered as an authentication factor?

Something you can do (A) Signup and view all the answers

Which of the following is an example of multifactor authentication?

Using a password and a fingerprint (C) Signup and view all the answers

What is a soft token also referred to as?

A one-time password (OTP) (B) Signup and view all the answers

Which of the following is required for an authenticator application to be used for passwordless access?

A screen lock opened via a fingerprint (C) Signup and view all the answers