MT 460 INFA Mid Quiz Short and Long Answers
Short Answer: (3 points each)
- List and briefly describe the principal physical characteristics used for biometric identification.
- What is multi-factor authentication? Why does it provide better protection?
- What are the techniques to minimize password cracking?
- What are the categories of access controls? Define each category.
- How many keys are required for two people to communicate via a symmetric cipher?
- What is a public-key certificate? What is the need for public-key certificates?
- What is the difference between a private key and a secret key?
- Define the two types of symmetric key cryptography.
- What are the key features of the RSA algorithm?
- List the minimum security requirements in an information security program for protecting confidentiality, integrity, and availability.
Problems/Long Answer (7 points each)
- Why was it necessary to move beyond DES? Why has it been necessary to move beyond 3DES? Describe the encryption standard used to replace 3DES?
- Why are public-key algorithms usually used just to establish a symmetrically encrypted communications channel?
- A relatively new authentication proposal is the Secure Quick Reliable Login (SQRL). It is described at https://www.grc.com/sqrl/sqrl.htm. Briefly summarize how SQRL works and indicate how it fits into the categories of types of user authentication. Provide the benefits and identify any possible security issues with SQRL.
- What is the purpose of evaluating an IT product against a trusted computing evaluation standard?
- What properties must a hash function have to be useful for message authentication?
- What are the features of the NIST RBAC standards?
- Describe three types of password attacks. For each type of attack, provide an example of an authentication technique that can minimize or reduce the likelihood of the attack being successful.
- What are the challenges of biometrics?
- Provide a comparison of access control lists (ACL) and capability lists.
- Describe three commonly used security architectural frameworks, as discussed in class.
Course: MT 460 Management Policy and Strategy
School: Kaplan University
- : 29/06/2017
- : 40