CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 5 ■ Identity and Access Management (Domain 5)



  1. During a log review, Saria discovers a series of logs that show login failures, as shown here:
    Jan 31 11:39:12 ip-10-0-0-2 sshd[29092]: Invalid user admin from remotehost passwd=orange
    Jan 31 11:39:20 ip-10-0-0-2 sshd[29098]: Invalid user admin from remotehost passwd=Orang3
    Jan 31 11:39:23 ip-10-0-0-2 sshd[29100]: Invalid user admin from remotehost passwd=Orange93
    Jan 31 11:39:31 ip-10-0-0-2 sshd[29106]: Invalid user admin from remotehost passwd=Orangutan1
    Jan 31 20:40:53 ip-10-0-0-254 sshd[30520]: Invalid user admin from remotehost passwd=Orangemonkey

    What type of attack has Saria discovered?
    A. A brute-force attack
    B. A man-in-the-middle attack
    C. A dictionary attack
    D. A rainbow table attack


  1. Place the following steps in the order in which they occur during the Kerberos authentication process.
    A. Client/server ticket generated
    B. TGT generated
    C. Client/TGS key generated
    D. User accesses service
    E. User provides authentication credentials

  2. What major issue often results from decentralized access control?
    A. Access outages may occur.
    B. Control is not consistent.
    C. Control is too granular.
    D. Training costs are high.

  3. Callback to a landline phone number is an example of what type of factor?
    A. Something you know
    B. Somewhere you are
    C. Something you have
    D. Something you are