CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 5 ■ Identity and Access Management (Domain 5)



  1. At point B in the diagram, what two important elements does the KDC send to the client
    after verifying that the username is valid?
    A. An encrypted TGT and a public key
    B. An access ticket and a public key
    C. An encrypted, time-stamped TGT and a symmetric key encrypted with a hash of the
    user’s password
    D. An encrypted, time-stamped TGT and an access token

  2. What tasks must the client perform before it can use the TGT?
    A. It must generate a hash of the TGT and decrypt the symmetric key.
    B. It must accept the TGT and decrypt the symmetric key.
    C. It must decrypt the TGT and the symmetric key.
    D. It must send a valid response using the symmetric key to the KDC and must install the
    TGT.

  3. Jacob is planning his organization’s biometric authentication system and is considering
    retina scans. What concern may be raised about retina scans by others in his organization?
    A. Retina scans can reveal information about medical conditions.
    B. Retina scans are painful because they require a puff of air in the user’s eye.
    C. Retina scanners are the most expensive type of biometric device.
    D. Retina scanners have a high false positive rate and will cause support issues.

  4. Mandatory Access Control is based on what type of model?
    A. Discretionary
    B. Group based
    C. Lattice based
    D. Rule based

  5. Which of the following is not a type of attack used against access controls?
    A. Dictionary attack
    B. Brute-force attack
    C. Teardrop
    D. Man-in-the-middle attack

  6. What is the best way to provide accountability for the use of identities?
    A. Logging
    B. Authorization
    C. Digital signatures
    D. Type 1 authentication
