M17 Practice Quiz
Question 1
Which process involves removing an individual's access rights when they no longer need them?
Options:
- Provisioning
- Deprovisioning
- Attestation
- Identity proofing
Overall explanation:
- Deprovisioning is the process of removing or deactivating users' access rights in an IT system when they no longer need them. This typically occurs when an employee leaves a company, changes roles, or no longer requires access to specific data or resources.
- Deprovisioning is a critical part of Identity and Access Management (IAM) as it helps to prevent unauthorized access and potential data breaches by ensuring that only current and authorized users have access to systems and data.
Question 2
In multi-factor authentication, what does the "something you are" factor refer to?
Options:
- A password or PIN known by the user
- A physical device possessed by the user
- The user's current location, verified through GPS or IP address
- Unique physical or behavioral characteristics
Overall explanation:
- The "something you are" factor in multi-factor authentication refers to biometric data, which are unique physical or behavioral characteristics of the user. This can include fingerprints, facial recognition, voice patterns, and even retinal scans. These characteristics are unique to each individual and are therefore difficult to replicate, providing a high level of security.
Question 3
Which attack involves trying a small number of commonly used passwords against a large number of usernames or accounts?
Options:
- Dictionary Attack
- Hybrid Attack
- Password Spraying
- Brute Force Attack
Overall explanation:
- Password spraying involves trying a small number of commonly used passwords against a large number of usernames or accounts. This type of attack can be effective because it avoids account lockouts that can occur after a certain number of failed login attempts. It relies on the fact that, in a large group of users, there's a good chance that at least a few of them are using very common passwords. The other options involve different methods of attacking passwords.
Tags: Password Attacks
Question 4
Which of the following is described as a system where a company trusts accounts created and managed by a different network that allows users to authenticate across different services using a single set of credentials?
Options:
- Federation
- Local Authentication
- Centralized Authentication
- Multi-factor Authentication
Overall explanation:
- Federation in network security refers to a system where a company or organization trusts accounts created and managed by a different network. This allows users to authenticate across different services using a single set of credentials.
- This is different from centralized authentication (where all user credentials are stored in a central database within an organization), multi-factor authentication (which requires users to provide two or more verification factors to gain access to a resource), and local authentication (where credentials are verified on the local machine or system).
Tags: Federation
Question 5
Which access control model is typically used in an environment where access needs to be strictly regulated and users cannot modify their own permissions?
Options:
- Rule-Based Access Control (RBAC)
- Discretionary Access Control (DAC)
- Role-Based Access Control (RBAC)
- Mandatory Access Control (MAC)
Overall explanation:
- Mandatory Access Control (MAC) is typically used in environments that require a high level of data security. In a MAC model, access permissions are regulated by a central authority, and users cannot modify their own permissions.
- This is different from other models like Discretionary Access Control (DAC), where the resource owner can set permissions, or Role-Based Access Control (RBAC), where permissions are assigned based on user roles within the organization. Rule-Based Access Control (RBAC) grants or denies access based on rules defined by a system administrator, but it doesn't inherently prevent users from modifying their own permissions.
Tags: Access Control Models