146. Which of the following security mechanisms for high-risk storage encryption authentication products provides protection against authentication-guessing attempts and favors security over functionality?
a. Alert consecutive failed login attempts.
b. Lock the computer for a specified period of time.
c. Increase the delay between attempts.
d. Delete the protected data from the device.
147. Recovery mechanisms for storage encryption authentication solutions require which of the following?
a. A trade-off between confidentiality and security
b. A trade-off between integrity and security
c. A trade-off between availability and security
d. A trade-off between accountability and security
148. For identity management, which of the following requires multifactor authentication?
a. User-to-host architecture
b. Peer-to-peer architecture
c. Client host-to-server architecture
d. Trusted third-party architecture
Peer-to-peer architecture, sometimes referred to as mutual authentication protocol, involves the direct communication of authentication information between the communicating entities (e.g., peer-to-peer or client host-to-server).
The architecture for trusted third-party (TTP) authentication uses a third entity, trusted by all entities, to provide authentication information. The amount of trust given to the third entity must be evaluated. Methods to establish and maintain a level of trust in a TTP include certification practice statements (CPS) that establish rules, processes, and procedures that a certificate authority (CA) uses to ensure the integrity of the authentication process, and the use of secure protocols to interface with authentication servers. A TTP may provide authentication information in each instance of authentication, in real time, or as a precursor to an exchange with a CA.
149. For password management, which of the following ensures password strength?
a. Passwords with maximum keyspace, shorter passphrases, low entropy, and simple passphrases
b. Passwords with balanced keyspace, longer passphrases, high entropy, and complex passphrases
c. Passwords with minimum keyspace, shorter passphrases, high entropy, and simple passphrases
d. Passwords with most likely keyspace, longer passphrases, low entropy, and complex passphrases