Question 36 (practice exam 7)

Here are some flashcard questions based on the provided information:

  1. Q: What is the primary advantage of implementing biometric identification for user logins? A: Biometric identification, such as fingerprint or retina scanners, ensures that only the authorized user can log in, even if their username and password are compromised.

  2. Q: Why is enforcing a policy to change passwords every 30 days considered an insufficient solution for preventing unauthorized logins? A: While enforcing frequent password changes can limit the potential damage window when a password is disclosed, it does not directly prevent unauthorized logins during the valid password period.

  3. Q: How does requiring only a username and password for user logins fall short in addressing the security concern of unauthorized access? A: Relying solely on a username and password can still allow unauthorized individuals to log in if they obtain those credentials, making it an insufficient solution to prevent unauthorized logins.

  4. Q: What is the potential limitation of installing security cameras in secure areas to monitor logins? A: While security cameras can provide a deterrent and help identify who logged in after the fact, they cannot actively prevent unauthorized individuals from logging in using compromised credentials.

  5. Q: In addition to biometric identification, what other multi-factor authentication methods could be implemented to enhance login security? A: Other multi-factor authentication methods that could be implemented include hardware tokens, one-time passwords, or mobile-based authentication apps.

  6. Q: How does the implementation of biometric identification for user logins align with the principles of authentication and access control? A: Biometric identification provides a stronger form of authentication by relying on inherent physical characteristics, rather than solely on something the user knows (like a password), aligning with the principles of robust authentication and access control.

  7. Q: In scenarios where physical access to workstations is a concern, how can biometric identification complement other security measures? A: Biometric identification can complement measures like physical access controls, surveillance, and monitoring by adding an additional layer of security that prevents unauthorized individuals from accessing systems, even if they manage to gain physical access.