Security Principles
Password Policy
Password Management
External Authentication
100

__________ consists of the application of physical barriers and control procedures

Physical Security

100

Every authentication system uses one or several of the following: something you have, something you are, and/or ___________

Something you know

100

Defining, distributing, and storing access credentials for all employees in a company are steps of a _____________

Password Management System

100
True or False: Social login (with Facebook, Twitter, etc.) is an example of a decentralized authentication mechanism

True

200

Fires, floods, blackouts, and overloads are examples of: 

Physical Security Threats

200

Which is the most common method of authentication?

Passwords

200

LDAP and Active Directory are ______ that ensure passwords are generated robustly and comply with certain requirements.

Tools

200

CASB stands for __________

Cloud Access Security Brokers

300

Loss of information, loss of data integrity, and attacks from outside the network are examples of: 

Logical Security Threats

300

Changing passwords periodically, not using browser password reminders, and not using the same passwords for different services are examples of PRO, TEC, or PER-level controls?

People (PER): applies to all personnel

300

Minimum length, types of characters to include, and compliance with semantic rules are components of __________

Password Format

300

_________ allows the user to have a single authentication point to access the services of different companies.

Federated Authentication

400

The application of barriers and procedures that protect access to data and only allow access to authorized users

Logical Security

400

Defining the life cycle of a password management system and using external authentication techniques are examples of PRO, TEC, or PER-level password controls?

PRO/TEC

400

Name 3 examples of double authentication methods

(name 3): fingerprint, hardware cryptographic tokens, One Time Password (OTP), and coordinate cards

400

________ is a mechanism that allows an authenticated user in a service to automatically access many other applications and services

Single-sign-on

500

What is the basic principle of a logical security system?

Everything that is not allowed should be prohibited

500

True or False: Failure recovery mechanisms are an example of Basic (B) password controls

False: Advanced (A)

500

True or False: password managers should not be used to remember large numbers of passwords

False: password REMINDERS in your browser should not be used

500

True or False: federated authentication allows us to authenticate through some feature of the device previously registered on the authentication server

False: "Authentication conditioned to the device" allows this