
2026 CISSP Certification Exam Questions and Answer Explanations | Real Exam Questions + Practice Questions + Study Materials

Question #1
The three classic ways of authenticating yourself to the computer security software are: something you know, something you have, and something:
A. you need.
B. you read.
C. you are.
D. you do.
Correct answer: C
Question #2
An access system that grants users only those rights necessary for them to perform their work is operating on which security principle?
A. Discretionary Access
B. Least Privilege
C. Mandatory Access
D. Separation of Duties
Correct answer: B
Question #3
PINs, passwords, passphrases, tokens, smart cards, and biometric devices are all items that can be used for authentication. When one of the items listed above is used in conjunction with a second factor to validate authentication, it provides robust authenticatio
A. Multi-party authentication
B. Two-factor authentication
C. Mandatory authentication
D. Discretionary authentication
Correct answer: B
Question #4
Legacy single sign on (SSO) is:
A. Technology to allow users to authenticate to every application by entering the same user ID and password each time, thus having to remember only a single password.
B. Technology to manage passwords consistently across multiple platforms, enforcing policies such as password change intervals.
C. A mechanism where users can authenticate themselves once, and then a central repository of their credentials is used to launch various legacy applications.
D. Another way of referring to SESAME and KryptoKnight, now that Kerberos is the de-facto industry standard single sign on mechanism.
Correct answer: C
Question #5
Which type of password token involves time synchronization?
A. Static password tokens
B. Synchronous dynamic password tokens
C. Asynchronous dynamic password tokens
D. Challenge-response tokens
Correct answer: B
Question #6
Which of the following describes the type of biometric error referred to as the FALSE rejection rate?
A. Type I error
B. Type II error
C. Type III error
D. CER error
Correct answer: A
Question #7
Which of the following statements pertaining to biometrics is FALSE?
A. Increased system sensitivity can cause a higher false rejection rate
B. The crossover error rate is the point at which false rejection rate equals the false acceptance rate.
C. False acceptance rate is also known as Type II error.
D. Biometrics are based on the Type 2 authentication mechanism.
Correct answer: D
Question #8
Which of the following statements pertaining to Kerberos is TRUE?
A. Kerberos does not address availability
B. Kerberos does not address integrity
C. Kerberos does not make use of Symmetric Keys
D. Kerberos cannot address confidentiality of information
Correct answer: A
Question #9
Which of the following BEST ensures accountability of users for the actions taken within a system or domain?
A. Identification
B. Authentication
C. Authorization
D. Credentials
Correct answer: B
Question #10
Which of the following statements pertaining to biometrics is FALSE?
A. User can be authenticated based on behavior.
B. User can be authenticated based on unique physical attributes.
C. User can be authenticated by what he knows.
D. A biometric system's accuracy is determined by its crossover error rate (CER).
Correct answer: C
Question #11
Which of the following biometric devices offers the LOWEST CER?
A. Keystroke dynamics
B. Voice verification
C. Iris scan
D. Fingerprint
Correct answer: C
Question #12
Which of the following is the WEAKEST authentication mechanism?
A. Passphrases
B. Passwords
C. One-time passwords
D. Token devices
Correct answer: B
Question #13
When a biometric system is used, which error type deals with the possibility of GRANTING access to impostors who should be REJECTED?
A. Type I error
B. Type II error
C. Type III error
D. Crossover error
Correct answer: B
Question #14
Which of the following offers advantages such as the ability to use stronger passwords, easier password administration, one set of credentials, and faster resource access?
A. Smart cards
B. Single Sign-On (SSO)
C. Symmetric Ciphers
D. Public Key Infrastructure (PKI)
Correct answer: B
Question #15
Which of the following describes the major disadvantage of many Single Sign-On (SSO) implementations?
A. Once an individual obtains access to the system through the initial log-on, they have access to all resources within the environment that the account has access to.
B. The initial logon process is cumbersome to discourage potential intruders.
C. Once a user obtains access to the system through the initial log-on, they only need to log on to some applications.
D. Once a user obtains access to the system through the initial log-on, he has to log out from all other systems.
Correct answer: A
Question #16
Which of the following is implemented through scripts or smart agents that replay the user's multiple log-ins against authentication servers to verify the user's identity and permit access to system services?
A. Single Sign-On
B. Dynamic Sign-On
C. Smart cards
D. Kerberos
Correct answer: A
Question #17
Which of the following protects a password from eavesdroppers and supports the encryption of communication?
A. Challenge Handshake Authentication Protocol (CHAP)
B. Challenge Handshake Identification Protocol (CHIP)
C. Challenge Handshake Encryption Protocol (CHEP)
D. Challenge Handshake Substitution Protocol (CHSP)
Correct answer: A
Question #18
The act of requiring two of the three factors to be used in the authentication process refers to:
A. Two-Factor Authentication
B. One-Factor Authentication
C. Bi-Factor Authentication
D. Double Authentication
Correct answer: A
Question #19
Which of the following would be true about Static password tokens?
A. The owner identity is authenticated by the token
B. The owner will never be authenticated by the token.
C. The owner will authenticate himself to the system.
D. The token does not authenticate the token owner, but the system.
Correct answer: A
Question #20
In Synchronous dynamic password tokens:
A. The token generates a new password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).
B. The token generates a new non-unique password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).
C. The unique password is not entered into a system or workstation along with an owner's PIN.
D. The authentication entity in a system or workstation knows an owner's secret key and PIN, and the entity verifies that the entered password is invalid and that it was entered during the invalid time window.
Correct answer: A
Question #21
In biometrics, a "one-to-many" search against a database of stored biometric images is done in:
A. Authentication
B. Identification
C. Identities
D. Identity-based access control
Correct answer: B
Question #22
Which of the following is true of biometrics?
A. It is used for identification in physical controls and it is not used in logical controls.
B. It is used for authentication in physical controls and for identification in logical controls.
C. It is used for identification in physical controls and for authentication in logical controls.
D. Biometrics has no role in logical controls.
Correct answer: C
Question #23
What is the percentage of valid subjects that are falsely rejected by a Biometric Authentication system called?
A. False Rejection Rate (FRR) or Type I Error
B. False Acceptance Rate (FAR) or Type II Error
C. Crossover Error Rate (CER)
D. True Rejection Rate (TRR) or Type III Error
Correct answer: A
Question #24
What is the percentage of invalid subjects that are falsely accepted by a Biometric authentication system called?
A. False Rejection Rate (FRR) or Type I Error
B. False Acceptance Rate (FAR) or Type II Error
C. Crossover Error Rate (CER)
D. True Acceptance Rate (TAR) or Type III Error
Correct answer: B
Question #25
What is the percentage at which the False Rejection Rate equals the False Acceptance Rate called?
A. False Rejection Rate (FRR) or Type I Error
B. False Acceptance Rate (FAR) or Type II Error
C. Crossover Error Rate (CER)
D. Failure to enroll rate (FTE or FER)
Correct answer: C
Question #26
What is a password called that is the same for each log-on session?
A. one-time password
B. two-time password
C. static password
D. dynamic password
Correct answer: C
Question #27
What is a sequence of characters that is usually longer than the allotted number for a password called?
A. passphrase
B. cognitive phrase
C. anticipated phrase
D. Real phrase
Correct answer: A
Question #28
Which BEST describes a tool (i.e. keyfob, calculator, memory card or smart card) used to supply dynamic passwords?
A. Tickets
B. Tokens
C. Token passing networks
D. Coupons
Correct answer: B
Question #29
Which one of the following factors is NOT one on which Authentication is based?
A. Type 1 Something you know, such as a PIN or password
B. Type 2 Something you have, such as an ATM card or smart card
C. Type 3 Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan
D. Type 4 Something you are, such as a system administrator or security administrator
Correct answer: D
Question #30
What is the use of technologies such as fingerprint, retina, and iris scans to authenticate individuals requesting access to resources called?
A. Micrometrics
B. Macrometrics
C. Biometrics
D. MicroBiometrics
Correct answer: C
Question #31
What is the access protection system that limits connections by calling back the number of a previously authorized location called?
A. Sendback systems
B. Callback forward systems
C. Callback systems
D. Sendback forward systems
Correct answer: C
Question #32
Which of the following is the most reliable authentication method for remote access?
A. Variable callback system
B. Synchronous token
C. Fixed callback system
D. Combination of callback and caller ID
Correct answer: B
Question #33
Which of the following is NOT a security characteristic we need to consider while choosing a biometric identification system?
A. data acquisition process
B. cost
C. enrollment process
D. speed and user interface
Correct answer: B
Question #34
Early in the development of biometric identification systems, it was soon apparent that truly positive identification could only be based on a person's physical attributes. This raised the need to answer two questions:
A. What was the sex of a person and his age?
B. What part of body to be used and how to accomplish identification that is viable?
C. What was the age of a person and his income level?
D. What was the tone of the voice of a person and his habits?
Correct answer: B
Question #35
What is the primary role of smartcards in a PKI?
A. Transparent renewal of user keys
B. Easy distribution of the certificates between the users
C. Fast hardware encryption of the raw data
D. Tamper resistant, mobile storage and application of private keys of the users
Correct answer: D
Question #36
In biometric identification systems, the parts of the body conveniently available for identification are:
A. neck and mouth
B. hands, face, and eyes
C. feet and hair
D. voice and neck
Correct answer: B
Question #37
Which of the following is TRUE of two-factor authentication?
A. It uses the RSA public-key signature based on integers with large prime factors.
B. It requires two measurements of hand geometry.
C. It does not use single sign-on technology.
D. It relies on two independent proofs of identity.
Correct answer: D
Question #38
What kind of certificate is used to validate a user identity?
A. Public key certificate
B. Attribute certificate
C. Root certificate
D. Code signing certificate
Correct answer: A
Question #39
Single Sign-on (SSO) is characterized by which of the following advantages?
A. Convenience
B. Convenience and centralized administration
C. Convenience and centralized data administration
D. Convenience and centralized network administration
Correct answer: B
Question #40
What is the act of a user professing an identity to a system, usually in the form of a log-on ID, called?
A. Authentication
B. Identification
C. Authorization
D. Confidentiality
Correct answer: B
Question #41
What is the verification that a user's claimed identity is valid, usually implemented through a user password at log-on time, called?
A. Authentication
B. Identification
C. Integrity
D. Confidentiality
Correct answer: A
Question #42
Which of the following is TRUE about Kerberos?
A. It utilizes public key cryptography.
B. It encrypts data after a ticket is granted, but passwords are exchanged in plain text.
C. It depends upon symmetric ciphers.
D. It is a second party authentication system.
Correct answer: C
Question #43
A confidential number used as an authentication factor to verify a user's identity is called a:
A. PIN
B. User ID
C. Password
D. Challenge
Correct answer: A
Question #44
Which type of password provides maximum security because a new password is required for each new log-on?
A. One-time or dynamic password
B. Cognitive password
C. Static password
D. Passphrase
Correct answer: A
Question #45
The primary service provided by Kerberos is which of the following?
A. non-repudiation
B. confidentiality
C. authentication
D. authorization
Correct answer: C
Question #46
Which of the following is NOT true of the Kerberos protocol?
A. Only a single login is required per session.
B. The initial authentication steps are done using a public key algorithm.
C. The KDC is aware of all systems in the network and is trusted by all of them
D. It performs mutual authentication
Correct answer: B
Question #47
The authenticator within Kerberos provides a requested service to the client after validating which of the following?
A. timestamp
B. client public key
C. client private key
D. server public key
Correct answer: A
Question #48
Which of the following is addressed by Kerberos?
A. Confidentiality and Integrity
B. Authentication and Availability
C. Validation and Integrity
D. Auditability and Integrity
Correct answer: A
Question #49
Kerberos is vulnerable to replay in which of the following circumstances?
A. When a private key is compromised within an allotted time window.
B. When a public key is compromised within an allotted time window.
C. When a ticket is compromised within an allotted time window.
D. When the KSD is compromised within an allotted time window.
Correct answer: C
Question #50
Like the Kerberos protocol, SESAME is also subject to which of the following?
A. timeslot replay
B. password guessing
C. symmetric key guessing
D. asymmetric key guessing
Correct answer: B
Question #51
RADIUS incorporates which of the following services?
A. Authentication server and PIN codes.
B. Authentication of clients and static passwords generation.
C. Authentication of clients and dynamic passwords generation.
D. Authentication server as well as support for Static and Dynamic passwords.
Correct answer: D
Question #52
Which of the following would constitute the BEST example of a password to use for access to a system by a network administrator?
A. holiday
B. Christmas12
C. Jenny
D. GyN19Za!
Correct answer: D
Question #53
What ensures that the control mechanisms correctly implement the security policy for the entire life cycle of an information system?
A. Accountability controls
B. Mandatory access controls
C. Assurance procedures
D. Administrative controls
Correct answer: C
Question #54
Smart cards are an example of which type of control?
A. Detective control
B. Administrative control
C. Technical control
D. Physical control
Correct answer: C
Question #55
Which of the following is NOT a two-factor authentication mechanism?
A. Something you have and something you know.
B. Something you do and a password.
C. A smartcard and something you are.
D. Something you know and a password.
Correct answer: D
Question #56
Which of the following is NOT a service provided by AAA servers (RADIUS, TACACS and DIAMETER)?
A. Authentication
B. Administration
C. Accounting
D. Authorization
Correct answer: B
Question #57
Which of the following protocols was used by the INITIAL version of the Terminal Access Controller Access Control System (TACACS) for communication between clients and servers?
A. TCP
B. SSL
C. UDP
D. SSH
Correct answer: C
Question #58
What is Kerberos?
A. A three-headed dog from the Egyptian mythology.
B. A trusted third-party authentication protocol.
C. A security model.
D. A remote authentication dial-in user server.
Correct answer: B
Question #59
Which of the following can BEST eliminate dial-up access through a Remote Access Server as a hacking vector?
A. Using a TACACS+ server.
B. Installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the firewall.
C. Setting modem ring count to at least 5
D. Only attaching modems to non-networked hosts.
Correct answer: B
Question #60
Which authentication technique BEST protects against hijacking?
A. Static authentication
B. Continuous authentication
C. Robust authentication
D. Strong authentication
Correct answer: B
Question #61
Which of the following is NOT a security goal for remote access?
A. Reliable authentication of users and systems
B. Protection of confidential data
C. Easy to manage access control to systems and network resources
D. Automated login for remote users
Correct answer: D
Question #62
During an IS audit, one of your auditors has observed that some of the critical servers in your organization can be accessed ONLY by using a shared/common user name and password. What should be the auditor's PRIMARY concern with this approach?
A. Password sharing
B. Accountability
C. Shared account management
D. Difficulty in auditing shared account
Correct answer: B
Question #63
During an IS audit, an auditor has observed that the authentication and authorization steps are split into two functions and that there is a possibility to force the authorization step to be completed before the authentication step. Which of the following technique a
A. Eavesdropping
B. Traffic analysis
C. Masquerading
D. Race Condition
Correct answer: D
Question #64
Network-based Intrusion Detection systems:
A. commonly reside on a discrete network segment and monitor the traffic on that network segment.
B. commonly will not reside on a discrete network segment and monitor the traffic on that network segment.
C. commonly reside on a discrete network segment and do not monitor the traffic on that network segment.
D. commonly reside on a host and monitor the traffic on that specific host.
Correct answer: A
Question #65
Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?
A. Signature-based IDS and statistical anomaly-based IDS, respectively.
B. Signature-based IDS and dynamic anomaly-based IDS, respectively.
C. Anomaly-based IDS and statistical-based IDS, respectively.
D. Signature-based IDS and motion anomaly-based IDS, respectively.
Correct answer: A
Question #66
Knowledge-based Intrusion Detection Systems (IDS) are more common than:
A. Network-based IDS
B. Host-based IDS
C. Behavior-based IDS
D. Application-Based IDS
Correct answer: C
Question #67
Which cable technology refers to the CAT3 and CAT5 categories?
A. Coaxial cables
B. Fiber Optic cables
C. Axial cables
D. Twisted Pair cables
Correct answer: D
Question #68
The older coaxial cable has been widely replaced with twisted pair, which is extremely easy to work with, inexpensive, and also resistant to multiple hosts failing at once, especially when used in which of the following topologies:
A. Token Passing Configuration.
B. Star Configuration.
C. Ring Configuration.
D. Point to Point Configuration.
Correct answer: B
Question #69
Which of the following was designed as a more fault-tolerant topology than Ethernet, and very resilient when properly implemented?
A. Token Link.
B. Token system.
C. Token Ring.
D. Duplicate ring.
Correct answer: C
Question #70
Which of the following should be used as a replacement for Telnet for secure remote login over an insecure network?
A. S-Telnet
B. SSL
C. Rlogin
D. SSH
Correct answer: D
Question #71
Which of the following is LESS likely to be used today in creating a Virtual Private Network?
A. L2TP
B. PPTP
C. IPSec
D. L2F
Correct answer: D
Question #72
Which of the following answers presents the MOST significant threat to network based IDS or IPS systems?
A. Encrypted Traffic
B. Complex IDS/IPS Signature Syntax
C. Digitally Signed Network Packets
D. Segregated VLANs
Correct answer: A
Question #73
Which of the following is NOT a countermeasure to traffic analysis?
A. Padding messages.
B. Eavesdropping.
C. Sending noise.
D. Faraday Cage
Correct answer: B
Question #74
Which of the following describes the sequence of steps required for a Kerberos session to be established between a user (Principal P1), and an application server (Principal P2)?
A. Principals P1 and Principals P2 authenticate to the Key Distribution Center (KDC),
B. Principal P1 receives a Ticket Granting Ticket (TGT), and then Principal P2 requests a service ticket from the KDC.
C. Principal P1 authenticates to the Key Distribution Center (KDC), Principal P1 receives a Ticket Granting Ticket (TGT), and Principal P1 requests a service ticket from the Ticket Granting Service (TGS) in order to access the application server P2
D. Principal P1 authenticates to the Key Distribution Center (KDC),
E. Principal P1 requests a Ticket Granting Ticket (TGT) from the authentication server, and then Principal P1 requests a service ticket from the application server P2
F. Principals P1 and P2 authenticate to the Key Distribution Center (KDC), Principal P1 requests a Ticket Granting Ticket (TGT) from the authentication server, and application server P2 requests a service ticket from P1
Correct answer: C
Question #75
A packet containing a long string of NOPs followed by a command is usually indicative of what?
A. A syn scan.
B. A half-port scan.
C. A buffer overflow attack.
D. A packet destined for the network's broadcast address.
Correct answer: C
Question #76
Organizations should consider which of the following first before allowing external access to their LANs via the Internet?
A. Plan for implementing workstation locking mechanisms.
B. Plan for protecting the modem pool.
C. Plan for providing the user with his account usage information.
D. Plan for considering proper authentication options.
Correct answer: D
Question #77
Several analysis methods can be employed by an IDS, each with its own strengths and weaknesses, and their applicability to any given situation should be carefully considered. There are two basic IDS analysis methods. Which of the basic method i
A. Pattern Matching (also called signature analysis)
B. Anomaly Detection
C. Host-based intrusion detection
D. Network-based intrusion detection
Correct answer: B
Question #78
You are part of a security staff at a highly profitable bank and each day, all traffic on the network is logged for later review. Every Friday when major deposits are made you're seeing a series of bits placed in the "Urgent Pointer" field of a TCP packet
A. This could be a sign of covert channeling in bank network communications and should be investigated.
B. It could be a sign of a damaged network cable causing the issue.
C. It could be a symptom of malfunctioning network card or drivers and the source system should be checked for the problem.
D. It is normal traffic because sometimes the previous fields 16 bit checksum value can over run into the urgent pointer's 16 bit field causing the condition.
Correct answer: A
Question #79
What would you call the process that takes advantage of the security provided by a transmission protocol by carrying one protocol over another?
A. Piggy Backing
B. Steganography
C. Tunneling
D. Concealing
Correct answer: C
Question #80
At which OSI layer does SSL reside?
A. Application
B. Session
C. Transport
D. Network
Correct answer: C
Question #81
What is the BEST answer pertaining to the difference between the Session and Transport layers of the OSI model?
A. The Session layer sets up communication between protocols, while the Transport layer sets up connections between computer systems.
B. The Transport layer sets up communication between computer systems, while the Session layer sets up connections between applications.
C. The Session layer sets up communication between computer systems, while the Transport layer sets up connections between protocols.
D. The Transport layer sets up communication between applications, while the Session layer sets up connections between computer systems.
Correct answer: B
Question #82
What is an attack called in which an attacker floods a system with connection requests but does not respond when the target system replies to those requests?
A. Ping of death attack
B. SYN attack
C. Smurf attack
D. Buffer overflow attack
Correct answer: B
Question #83
In the context of access control, locks, gates, and guards are examples of which of the following?
A. Administrative controls
B. Technical controls
C. Physical controls
D. Logical controls
Correct answer: C
Question #84
Access Control techniques do NOT include which of the following?
A. Relevant Access Controls
B. Discretionary Access Control
C. Mandatory Access Control
D. Lattice Based Access Control
Correct answer: A
Question #85
An access control in which a central authority determines which subjects can have access to certain objects, based on the organizational security policy, is called:
A. Mandatory Access Control
B. Discretionary Access Control
C. Non-Discretionary Access Control
D. Rule-based Access control
Correct answer: C
Question #86
Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/ software units. Such controls, also known as logical controls, represent which pairing?
A. Preventive/Administrative Pairing
B. Preventive/Technical Pairing
C. Preventive/Physical Pairing
D. Detective/Technical Pairing
Correct answer: B
Question #87
In Rule-Based Access Control (RuBAC), access is determined by rules. Such rules would fit within what category of access control?
A. Discretionary Access Control (DAC)
B. Mandatory Access control (MAC)
C. Non-Discretionary Access Control (NDAC)
D. Lattice-based Access control
Correct answer: C
Question #88
The type of discretionary access control (DAC) that is based on an individual's identity is also called:
A. Identity-based Access control
B. Rule-based Access control
C. Non-Discretionary Access Control
D. Lattice-based Access control
Correct answer: A
Question #89
Which access control type has a central authority that determines which objects subjects have access to, based on role or on the organizational security policy?
A. Mandatory Access Control
B. Discretionary Access Control
C. Non-Discretionary Access Control
D. Rule-based Access control
Correct answer: C
Question #90
A periodic review of user account management should NOT determine:
A. conformity with the concept of least privilege.
B. whether active accounts are still being used.
C. strength of user-chosen passwords.
D. whether management authorizations are up-to-date.
Correct answer: C
Question #91
Which of the following access control models requires security clearance for subjects?
A. Identity-based access control
B. Role-based access control
C. Discretionary access control
D. Mandatory access control
Correct answer: D
Question #92
Which of the following statements pertaining to Kerberos is TRUE?
A. Kerberos uses public key cryptography.
B. Kerberos uses X.509 certificates.
C. Kerberos is a credential-based authentication system.
D. Kerberos was developed by Microsoft.
Correct answer: C
Question #93
Which of the following statements pertaining to using Kerberos without any extension is FALSE?
A. A client can be impersonated by password-guessing.
B. Kerberos is mostly a third-party authentication protocol.
C. Kerberos uses public key cryptography.
D. Kerberos provides robust authentication.
Correct answer: C
Question #94
Which of the following services is provided by S-RPC?
A. Availability
B. Accountability
C. Integrity
D. Authentication
Correct answer: D
Question #95
A smart card that has two chips, with the capability of utilizing both contact and contactless formats, is called:
A. Contact Smart Cards
B. Contactless Smart Cards
C. Hybrid Cards
D. Combi Cards
Correct answer: C
Question #96
The BEST technique to authenticate to a system is to:
A. establish biometric access through a secured server or Web site.
B. ensure the person is authenticated by something he knows and something he has.
C. maintain correct and accurate ACLs (access control lists) to allow access to applications.
D. allow access only through user ID and password.
Correct answer: B
Question #97
Which of the following biometrics methods provides the HIGHEST accuracy and is LEAST accepted by users?
A. Palm Scan
B. Hand Geometry
C. Fingerprint
D. Retina scan
Correct answer: D
Question #98
Identity management solutions include such technologies as directory services, Single Sign-On and Web Access Management. There are many reasons for management to choose an identity management solution. Which of the following is a key management challeng
A. Increasing the number of points of failures.
B. Users will no longer be able to “recycle” their password for different applications.
C. Costs increase as identity management technologies require significant resources.
D. It must be able to scale to support high volumes of data and peak transaction rates.
Correct answer: D
Question #99
When submitting a passphrase for authentication, the passphrase is converted into:
A. a virtual password by the system.
B. a new passphrase by the system.
C. a new passphrase by the encryption technology
D. a real password by the system which can be used forever.
Correct answer: A
Question #100
Which of the following can be defined as a framework that supports multiple, optional authentication mechanisms for PPP, including cleartext passwords, challenge-response, and arbitrary dialog sequences?
A. Extensible Authentication Protocol
B. Challenge Handshake Authentication Protocol
C. Remote Authentication Dial-In User Service
D. Multilevel Authentication Protocol.
Correct answer: A
Question #101
The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:
A. 100 subjects per minute.
B. 25 subjects per minute.
C. 10 subjects per minute.
D. 50 subjects per minute.
Correct answer: C
Question #102
Which of the following biometric parameters are better suited for authentication use over a long period of time?
A. Iris pattern
B. Voice pattern
C. Signature dynamics
D. Retina pattern
Correct answer: A
Question #103
Which of the following is NOT a disadvantage of Single Sign On (SSO)?
A. Support for all major operating system environments is difficult
B. The cost associated with SSO development can be significant
C. SSO could be single point of failure and total compromise of an organization asset
D. SSO improves an administrator's ability to manage users' accounts and authorizations on all associated systems
Correct answer: D
Question #104
Another type of access control is lattice-based access control. In this type of control a lattice model is applied. How is this type of access control concept applied?
A. The pair of elements is the subject and object, and the subject has an upper bound equal or higher than the upper bound of the object being accessed.
B. The pair of elements is the subject and object, and the subject has an upper bound lower than the upper bound of the object being accessed.
C. The pair of elements is the subject and object, and the subject has no special upper or lower bound needed within the lattice.
D. The pair of elements is the subject and object, and the subject has no access rights in relation to an object.
Correct answer: A
Question #105
In the context of Biometric authentication, there is a quick way to compare the accuracy of devices. In general, the devices that have the lowest value would be the most accurate. Which of the following would be used to compare accuracy of devices?
A. the CER is used.
B. the FRR is used
C. the FAR is used
D. the FER is used
Correct answer: A
Question #106
Which of the following biometric devices has the lowest user acceptance level?
A. Retina Scan
B. Fingerprint scan
C. Hand geometry
D. Signature recognition
Correct answer: A
Question #107
Which of the following would be an example of the BEST password?
A. golf001
B. Elizabeth
C. T1me4g0lF
D. password
Correct answer: C
Question #108
Which of the following does NOT apply to system-generated passwords?
A. Passwords are harder to remember for users.
B. If the password-generating algorithm gets to be known, the entire system is in jeopardy.
C. Passwords are more vulnerable to brute force and dictionary attacks.
D. Passwords are harder to guess for attackers.
Correct answer: C
Question #109
What is the MOST critical characteristic of a biometric identifying system?
A. Perceived intrusiveness
B. Storage requirements
C. Accuracy
D. Scalability
Correct answer: C
Question #110
What is considered the MOST important type of error to avoid for a biometric access control system?
A. Type I Error
B. Type II Error
C. Combined Error Rate
D. Crossover Error Rate
Correct answer: B
Question #111
How can an individual/person BEST be identified or authenticated to prevent local masquerading attacks?
A. User Id and password
B. Smart card and PIN code
C. Two-factor authentication
D. Biometrics
Correct answer: D
Question #112
What are cognitive passwords?
A. Passwords that can be used only once.
B. Fact or opinion-based information used to verify an individual's identity.
C. Password generators that use a challenge response scheme.
D. Passphrases.
Correct answer: B
Question #113
Which of the following biometric devices has the highest Crossover Error Rate (CER)?
A. Iris scan
B. Hand geometry
C. Voice pattern
D. Fingerprints
Correct answer: C
Question #114
What is the PRIMARY use of a password?
A. Allow access to files.
B. Identify the user.
C. Authenticate the user.
D. Segregate various users’ accesses.
Correct answer: C