Identity and Access Manag:

Authentication quiz

SearchSecurity.com

1. Which authentication mechanism is the easiest to deploy and the easiest to break?

  1. shared secrets (passwords and PINs)
  2. biometrics
  3. tokens
  4. geo-location

2. Which of the following publishes internal IDs to the outside world or external business partner IDs internally, or both?

  1. application-specific directories
  2. OS-specific directories
  3. departmental directories
  4. border directory

3. True or False: Tokens and smart cards have identical capabilities today.

  1. True
  2. False

4. What should you consider when deploying an LDAP structure?

  1. Using a unique User ID across the entire structure
  2. Using LDAP chaining
  3. Making the people database space as flat as possible
  4. All of the above

5. Which of the following is not a best practice for using tiered groups to control user access?

  1. Apply policies to each layer individually.
  2. Keep the group structure as simple as possible.
  3. Don't nest OUs or groups more than a few layers deep.
  4. Keep the number of groups to a minimum.

If you got two or more wrong, revisit these materials in the Authentication lesson:

  • Webcast: FFIEC: How to comply with the authentication regulation
  • Technical article: Authentication in the real world: Moving from strategy to implementation
  • Podcast: Balancing the authentication equation
  • If you got four or more correct, return to Identity and Access Management Security School and start another lesson.

    16 Aug 2006