Paper

Title | Week 7: Access Control and Authentication Assessment Test |

Interaction.5 | First of all, which cryptographic technique can be used to verify the identity of a message's sender? | ☑ Shared Secret Key.
☐ Public-Private Key.
☐ Hashing. | | OK, and how would you use public-private key cryptography to identify the sender of a message? | Two different asymmetrical keys are part of a mathematical equation verifying the senders identity. If the correct result is computed, the receiver knows that the message can only have come from the sender. Both the public and private keys are needed to use the PPK, and that adds to the security of it. Using PPK , you can send messages using any open channel and be confident that the message is intact(message integrity), receiver can only read it (privacy), and sent by you (authentication). | | The board seems to think that requiring usernames and passwords is enough security for our users. Do you agree? | ☑ No; we also need other levels of authentication such as machine authentication in order to provide adequate security.
☐ No; we should require a series of security questions at each login attempt to validate the users.
☐ Yes; as long as the users keep them secure, this is adequate security. | | Is two-factor authentication adequate for a bank? Why or why not? | Well basically, you can identify who is accessing data and using a two-factor authentication strategy, a physical device that contains their credentials and password, like a debit card and PIN number. A debit card is something you have and a pin is something you know. Most banks the require users to authenticate each computer they want to access their accounts through. If an account is locked, the bank require users to call in to reset their pin then the agent requires more proof of identity. | | Which networking device is primarily concerned with getting traffic to its ultimate destination? | ☐ Bastion Hosts
☑ Routers
☐ Bastion hosts and routers both do this. | | And how does security differ between routers and bastion hosts? | Routers forward data throughout a network to their intended destination, doing this with an attempt to not overload any particular device in the network; monitoring traffic and keeping it balanced. An application level gateway firewall is called a bastion host, sitting between the public and private network to defend it by using proxy services containing strict security policies and blocking access services from moving across it. | |

© 2011 Toolwire, Inc. All rights reserved.