Web Security: Week 2 DNS Response

Questions and Answers

What is the primary purpose of password aging?

• To force users to change their passwords regularly (correct)
• To give users time to think of good passwords
• To warn users of password expiration in advance
• To prevent users from reusing old passwords

Which of the following is NOT a recommended method to prevent users from reusing passwords?

• Enforcing a minimum password length
• Blocking password changes for a period of time
• Giving users time to think of good passwords (correct)
• Storing a history of previous passwords

What is the purpose of a challenge-response system in password management?

• To generate a new password for each login
• To ensure that the user's password is changed regularly
• To verify the user's identity without storing the password (correct)
• To require a user to enter a PIN in addition to their password

Which type of one-time password (OTP) system requires a separate hardware token?

Token-based OTP (C)

What is the main advantage of using biometric authentication over traditional password-based authentication?

Biometrics are less prone to impersonation attacks (A)

Which biometric authentication method is considered the most accurate and reliable?

Iris recognition (D)

What is the primary purpose of the Security Accounts Manager (SAM) file in Windows?

To store password hashes for user accounts (B)

Which of the following is NOT a common type of one-time password (OTP) system?

Signature-based OTP (B)

What is the primary purpose of storing hashed passwords in the /etc/passwd file on Unix-like systems?

To enable password-based authentication for system services (C)

Which of the following biometric authentication methods is considered the most susceptible to spoofing attacks?

Facial recognition (B)