Multiple Choice from the SSCP Practice Exam Questions: Write the answer and a sh
ID: 3748323 • Letter: M
Question
Multiple Choice from the SSCP Practice Exam Questions: Write the answer and a short explanation of three or four lines, as shown below:
Question 1. A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:
a.Concern that the laser beam may cause eye damage.
b.The iris pattern changes as a person grows older.
c.There is a relatively high rate of false accepts.
d.The optical unit must be positioned so that the sun does not shine into the aperture.
Answer:
Explanation:
Question 2. In Mandatory Access Control sensitivity labels attached to object contain what information?
a.The item’s classification
b.The item’s classification and category set
c.The item’s category
d.The item’s need to know
Answer:
Explanation:
Question 3. What is Kerberos?
a.A three-headed dog from the Egyptian mythology
b.A trusted third-party authentication protocol
c.A security model
d.A remote authentication dial in user server
Answer:
Explanation:
Question 4. A confidential number used as an authentication factor to verify a user’s identity is called a:
a,PIN
b.User ID
c.Password
d.Challenge
Answer:
Explanation:
Question 5. Controls to keep password sniffing attacks from compromising computer systems include which of the following?
a.Static and recurring passwords
b.Encryption and recurring passwords
c.One-time passwords and encryption
d.Static and one-time passwords
Answer:
Explanation:
Explanation / Answer
1)
Correct Answer: D
Because the optical unit utilizes a camera and infrared light to create the images, sun light can impact the aperture so it must not be positioned in direct light of any type. Because the subject does not need to have direct contact with the optical reader, direct light can impact the reader.
An Iris recognition is a form of biometrics that is based on the uniqueness of a subject's iris. A camera like device records the patterns of the iris creating what is known as Iriscode.
It is the unique patterns of the iris that allow it to be one of the most accurate forms of biometric identification of an individual. Unlike other types of biometics, the iris rarely changes over time. Fingerprints can change over time due to scaring and manual labor, voice patterns can change due to a variety of causes, hand geometry can also change as well. But barring surgery or an accident it is not usual for an iris to change. The subject has a high-resoulution image taken of their iris and this is then converted to Iriscode. The current standard for the Iriscode was developed by John Daugman. When the subject attempts to be authenticated an infrared light is used to capture the iris image and this image is then compared to the Iriscode. If there is a match the subject's identity is confirmed. The subject does not need to have direct contact with the optical reader so it is a less invasive means of authentication then retinal scanning would be.
2)
Correct Answer: B
A Sensitivity label must contain at least one classification and one category set.
Category set and Compartment set are synonyms, they mean the same thing. The sensitivity label must contain at least one Classification and at least one Category. It is common in some environments for a single item to belong to multiple categories. The list of all the categories to which an item belongs is called a compartment set or category set.
3)
Correct Answer: B
Kerberos depends on secret keys (symmetric ciphers). Kerberos is a third party authentication protocol. It was designed and developed in the mid 1980's by MIT. It is considered open source but is copyrighted and owned by MIT. It relies on the user's secret keys. The password is used to encrypt and decrypt the keys.
The following answers are incorrect:
It utilizes public key cryptography. Is incorrect because Kerberos depends on secret keys (symmetric ciphers).
It encrypts data after a ticket is granted, but passwords are exchanged in plain text. Is incorrect because the passwords are not exchanged but used for encryption and decryption of the keys.
It is a second party authentication system. Is incorrect because Kerberos is a third party authentication system, you authenticate to the third party (Kerberos) and not the system you are accessing.
4)
Correct Answer: A
PIN Stands for Personal Identification Number, as the name states it is a combination of numbers.
The following answers are incorrect:
User ID This is incorrect because a Userid is not required to be a number and a Userid is only used to establish identity not verify it.
Password. This is incorrect because a password is not required to be a number, it could be any combination of characters.
Challenge. This is incorrect because a challenge is not defined as a number, it could be anything.
5)
Correct Answer: C
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.