Password Security and Authentication
21 Questions

Questions and Answers

What is the primary purpose of using a salt value in password hashing?

  • To store passwords in a password file
  • To grant privileges to a user based on their ID
  • To prevent workstation hijacking
  • To prevent duplicate passwords and make offline dictionary attacks more difficult (correct)

What is the main benefit of password hashing in terms of password security?

  • It makes it easier to conduct offline dictionary attacks
  • It prevents cybercriminals from getting access to the passwords file (correct)
  • It allows for easy password recovery
  • It grants excessive privileges to users

What type of attack is made more difficult by the use of hashed passwords and salt values?

  • Specific account attack
  • Workstation hijacking
  • Offline dictionary attack (correct)
  • Electronic monitoring

What is the primary function of the ID in discretionary access control?

  • To determine the privileges accorded to the user

What is the purpose of designing a hash algorithm to be slow to execute?

  • To thwart attacks

What is a common type of password vulnerability?

  • Exploiting multiple password use

What is the primary purpose of using salt values in password hashing?

  • To make precomputation impractical due to vast number of possible hash values

Why are shorter password lengths more susceptible to cracking?

  • Because they have fewer possible combinations

What type of attack is an attacker planning when using a rainbow table?

  • Rainbow table attack

What is the purpose of a password file access control?

  • To deny access to encrypted passwords

What is the primary goal of proactive password checking?

  • To eliminate guessable passwords while allowing users to select a memorable password

What type of authentication uses objects possessed by users for authentication purposes?

  • Token-based authentication

What is a disadvantage of using SMS-based one-time passwords for authentication?

  • It requires mobile coverage to receive SMS

What is a type of attack that involves intercepting messages using a fake mobile tower or attacking SS7 signaling protocol?

  • Eavesdropping attack

What is a characteristic of mobile authentication apps?

  • Implements a one-time password generator

What is a disadvantage of using biometric authentication?

  • It is technically complex and expensive

What is a type of attack that involves an adversary attempting to learn a password by some sort of attack that involves physical proximity?

  • Eavesdropping attack

What is a common defense against password guessing attacks?

  • Hashing and protecting the password database

What is a type of attack that involves an adversary repeating a previously captured user response?

  • Replay attack

What is a type of attack that involves an application or physical device masquerading as an authentic application or device?

  • Trojan horse attack

What is a type of attack that involves an adversary attempting to disable a user authentication service by flooding the service with numerous authentication attempts?

  • Denial-of-Service attack
