Chapter 9 ■ Practice Test 1 211
- If availability of authentication services is the organization’s biggest priority, what type of
identity platform should Ben recommend?
A. Onsite
B. Cloud based
C. Hybrid
D. Outsourced - If Ben needs to share identity information with the business partner shown, what should
he investigate?
A. Single sign-on
B. Multifactor authentication
C. Federation
D. IDaaS - What technology is likely to be involved when Ben’s organization needs to provide authen-
tication and authorization assertions to their cloud e-commerce application?
A. Active Directory
B. SAML
C. RADIUS
D. SPML - Dave is responsible for password security in his organization and would like to strengthen
the security of password files. He would like to defend his organization against the use of
rainbow tables. Which one of the following techniques is specifically designed to frustrate
the use of rainbow tables?
A. Password expiration policies
B. Salting
C. User education
D. Password complexity policies - Which one of the following is a single system designed to attract attackers because it seem-
ingly contains sensitive information or other attractive resources?
A. Honeynet
B. Darknet
C. Honeypot
D. Pseudoflaw - When evaluating biometric devices, what is another term used to describe the equal
error rate?
A. FAR
B. FRR
C. CER
D. ERR