Which of the following technique an attacker could user…
During an IS audit, auditor has observed that authentication and authorization steps are split into two functions
and there is a possibility to force the authorization step to be completed before the authentication step. Which
of the following technique an attacker could user to force authorization step before authentication?
What should be the auditor’s PRIMARY concern be with th…
During an IS audit, one of your auditors has observed that some of the critical servers in your organization can
be accessed ONLY by using a shared/common user name and password. What should be the auditor’s
PRIMARY concern be with this approach?
Which authentication technique BEST protects against hi…
Which authentication technique BEST protects against hijacking?
Which of the following can BEST eliminate dial-up acces…
Which of the following can BEST eliminate dial-up access through a Remote Access Server as a hacking
vector?
What is Kerberos?
What is Kerberos?
Which of the following protocol was used by the INITIAL…
Which of the following protocol was used by the INITIAL version of the Terminal Access Controller Access
Control System TACACS for communication between clients and servers?
Which of following is NOT a service provided by AAA ser…
Which of following is NOT a service provided by AAA servers (Radius, TACACS and DIAMETER)?
Which of the following is NOT a two-factor authenticati…
Which of the following is NOT a two-factor authentication mechanism?
which type of control?
Smart cards are an example of which type of control?
What physical characteristic does a retinal scan biomet…
What physical characteristic does a retinal scan biometric device measure?