Operating System Multiple Choice Questions on “Security – User Authentication”.
1. Which of the following are forms of malicious attack?
a) Theft of information
b) Modification of data
c) Wiping of information
d) All of the mentioned
Answer: d
Clarification: None.
2. What are the common security threats?
a) File Shredding
b) File sharing and permission
c) File corrupting
d) File integrity
Answer: b
Clarification: File sharing and its associated permissions are commonly exploited to compromise a system.
3. From the following, which is not a common file permission?
a) Write
b) Execute
c) Stop
d) Read
Answer: c
Clarification: None.
4. Which of the following is a good practice?
a) Give full permission for remote transferring
b) Grant read-only permission
c) Grant limited permission to specified account
d) Give both read and write permission but not execute
Answer: c
Clarification: Limiting access is a key method of preventing unauthorized access and exploits.
5. What is not a good practice for user administration?
a) Isolating a system after a compromise
b) Performing random auditing procedures
c) Granting privileges on a per-host basis
d) Using telnet and FTP for remote access
Answer: d
Clarification: Telnet and FTP are not encrypted and can be compromised.
6. Which of the following is the least secure method of authentication?
a) Key card
b) Fingerprint
c) Retina pattern
d) Password
Answer: d
Clarification: A password can be compromised more easily than a physical factor such as a key card, fingerprint or retina can be replicated.
7. Which of the following is a strong password?
a) 19thAugust88
b) Delhi88
c) P@assw0rd
d) !augustdelhi
Answer: c
Clarification: It combines uppercase and lowercase letters with a number and a special character. Always use a complex password that combines all of these.
8. Why is a one-time password safe?
a) It is easy to generate
b) It cannot be shared
c) It is different for every access
d) It is a complex encrypted password
Answer: c
Clarification: A one-time password is safe because it is generated per access and thus cannot be brute-forced or deduced.
9. What does Lightweight Directory Access Protocol (LDAP) not store?
a) Users
b) Address
c) Passwords
d) Security Keys
Answer: b
Clarification: None.
10. What is a characteristic of the RADIUS system?
a) It is essential for centralized encryption and authentication
b) It works on Network layer to deny access to unauthorized people
c) It provides centralized authentication mechanism via network devices
d) It’s a strong file access system
Answer: c
Clarification: None.
11. Which happens first, authorization or authentication?
a) Authorization
b) Authentication
c) Authorization and authentication are the same
d) None of the mentioned
Answer: a
Clarification: None.
12. What are the characteristics of authorization?
a) RADIUS and RSA
b) 3-way handshaking with SYN and FIN
c) Multilayered protection for securing resources
d) Deals with privileges and rights
Answer: d
Clarification: None.
13. What forces the user to change the password at first login?
a) Default behavior of the OS
b) Part of AES encryption practice
c) The device being accessed forces the user
d) Account administrator
Answer: d
Clarification: It is the administrator’s job to ensure that a user’s password remains private and is known only to the user. When creating a new user account, however, the administrator assigns a random general password to give to the user. Forcing a change at first login replaces that password, so even the administrator cannot access a particular user’s account.
14. What is not a best practice for password policy?
a) Deciding the maximum age of a password
b) Restriction on password reuse and history
c) Password encryption
d) Requiring a password change every 2 years
Answer: d
Clarification: Old passwords are more vulnerable to being misplaced or compromised. Passwords should be changed periodically to enhance security.