null
US
Sign In
Sign Up for Free
Sign Up
We have detected that Javascript is not enabled in your browser. The dynamic nature of our site means that Javascript must be enabled to function properly. Please read our
terms and conditions
for more information.
Next up
Copy and Edit
You need to log in to complete this action!
Register for Free
2998603
Authentication and Authorization
Description
Authentication and Authorization
No tags specified
ecsp java
autorization
authentication
Quiz by
Carlos Veliz
, updated more than 1 year ago
More
Less
Created by
Carlos Veliz
over 9 years ago
180
0
0
Resource summary
Question 1
Question
Which of the following statements is not part of the types of authentication mechanisms?
Answer
HTTP Basic Authentication
Form-Based Authentication
Authentication 802.1x
Client/Server Mutual Authentication
Question 2
Question
Cual de los siguientes enunciados no corresponde a los pasos de una autenticación basica?
Answer
Requests a protected resource
Request username password
Redirect to login page
Returns request resource
Sends username password
Question 3
Question
Indicate whether the following definition is true or false for form-based authentication: "SSL can be added to part or whole of the web application"
Answer
True
False
Question 4
Question
It is not part of the job overview of Kerberos:
Answer
Key Distribution Centre in Kerberos stores account information and client passwords
Working proccess is invisible to the user
This mechanism issues tickets containing user identity, encrypted password, encrypted data
Client authentication ensures that the users are legitimate or not
Question 5
Question
It is not a way to prevent Web-based enumeration attack:
Answer
Lock out targeted account access after a certain restricted failed attempts
Web applications need to respond with similar error messages to all authentication failures
Analyze URLs and ther responses during security testinf to authentication failures and prevent unnecessary information leakage
Analyze Web page titles and their responses during authentication failures and prevent unnecesaary information leakage
Question 6
Question
Authorization is the proccess that control access rights of principals to system resources that include:
Answer
Access to users
Access to proccess
Access to machines
All of the above
None of the above
Question 7
Question
Which is the fifth step in implementing authorization?
Answer
Defining roles to users
check for user authentication for the application
Apply the constrains which are accessible by role
Define security roles of an application to roles defined in memory realm
Question 8
Question
It is not part of the access control model:
Answer
System Domain
AWT
Printer
Database Server
File I/O
Question 9
Question
Which of the following statements is not part of the principles of least privilege?
Answer
User account should have enongh privileges according to their task
Evaluate and implement code access permissions
Save sensitive files with random names and clean temporay files
Enable web applications access to database through limited accounts only
Avoid Web application servers running at privileged accounst such as administrador, root, sysman, sa, etc.
Question 10
Question
Which of the following is not a best practice in the management of sessions?
Answer
Make use of SSL
Do not add sensitive data in security token
Impose concurrent login limits
Regenerate session IDs upon privilege changes
A user has access to resources based on the role assigned
Show full summary
Hide full summary
Want to create your own
Quizzes
for
free
with GoConqr?
Learn more
.
Similar
Java Concurrency and Session Management
Carlos Veliz
Introduction to Java Security
Carlos Veliz
Java Mix Test 42p
Carlos Veliz
ECSP JAVA: JAAS
Carlos Veliz
Criptography
Carlos Veliz
Java - Mix
Carlos Veliz
Java Application Vulnerabilities
Carlos Veliz
Java Concurrency and Session Management
Jose Luis Vasquez Galvez
Java Mix Test 42p
Jose Luis Vasquez Galvez
Forces and Acceleration
Adam Collinge
The Many Conjugations of Spanish! Wow!
hannahkathryn5
Browse Library