Chapter 3 - User Authentication (Computer Security: Principles and Practice)

T

User authentication is the fundamental building block and the primary line of defense.

F

Identification is the means of establishing the validity of a claimed identity provided by a user.

T

Many users choose a password that is too short or too easy to guess.

T

User authentication is the basis for most types of access control and for user accountability.

F

Memory cards store and process data.

T

Enrollment creates an association between a user and the user's biometric characteristics.

T

In a biometric scheme some physical characteristic of the individual is mapped into a digital representation.

password cracker

A __________ is a password guessing program.

reactive password checking

A __________ strategy is one in which the system periodically runs its own password cracker to find guessable passwords.

facial characteristics

The most common means of human-to-human identification are __________.

Hand geometry

__________ systems identify features of the hand, including shape, and lengths and widths of fingers.

enrolled

Each individual who is to be included in the database of authorized users must first be __________ in the system.

host attack

A __________ is directed at the user file at the host where passwords, token passcodes, or biometric templates are stored.

replay

A __________ attack involves an adversary repeating a previously captured user response.

Identification

An authentication process consists of the _________ step and the verification step.

tokens

Objects that a user possesses for the purpose of user authentication are called ________

Biometric

A __________ authentication system attempts to authenticate an individual based on his or her unique physical characteristics.

denial-of-service

A _________ attack attempts to disable a user authentication service by flooding the service with numerous authentication attempts.