Chapter 5 ■ dentity and Access Management (Domain 5)I 123
- Which of the following Type 3 authenticators is appropriate to use by itself rather than in
combination with other biometric factors?
A. Voice pattern recognition
B. Hand geometry
C. Palm scans
D. Heart/pulse patterns - What danger is created by allowing the OpenID relying party to control the connection to
the OpenID provider?
A. It may cause incorrect selection of the proper OpenID provider.
B. It creates the possibility of a phishing attack by sending data to a fake OpenID
provider.
C. The relying party may be able to steal the client’s username and password.
D. The relying party may not send a signed assertion. - Jim is implementing a cloud identity solution for his organization. What type of technol-
ogy is he putting in place?
A. Identity as a service
B. Employee ID as a service
C. Cloud-based RADIUS
D. OAuth - RAID-5 is an example of what type of control?
A. Administrative
B. Recovery
C. Compensation
D. Logical- When Alex sets the permissions shown in the following image as one of many users on a
Linux server, what type of access control model is he leveraging?
A. Role Based Access Control
B. Rule-based Access control
C. Mandatory Access Control (MAC)
D. Discretionary Access Control (DAC)