Forgery is incorrect because it is one of the ways an impersonation attack is achieved. Forgery is attempting to guess or otherwise fabricate the evidence that the impersonator knows or possesses.
Relay is incorrect because it is one of the ways an impersonation attack is achieved. Relay is where one can eavesdrop upon another’s authentication exchange and learn enough to impersonate a user.
Interception is incorrect because it is one of the ways an impersonation attack is achieved. Interception is where one can slip in between the communications and “hijack” the communications channel.
236. Which of the following security features is
a. All or nothing privileges
b. The granularity of privilege
c. The time bounding of privilege
d. Privilege inheritance
The granularity of privilege is incorrect because it is one of the security features supported by the principle of least privilege. A privilege mechanism that supports granularity of privilege can enable a process to override only those security-relevant functions needed to perform the task. For example, a backup program needs to override only read restrictions, not the write or execute restriction on files.
The time bounding of privilege is incorrect because it is one of the security features supported by the principle of least privilege. Time bounding of privilege means that the privileges required by an application or a process can be enabled and disabled as the application or process needs them.
Privilege inheritance is incorrect because it is one of the security features supported by the principle of least privilege. Privilege inheritance enables a process image to request that all, some, or none of its privileges get passed on to the next process image. For example, application programs that execute other utility programs need not pass on any privileges if the utility program does not require them.
237. Authentication is a protection against fraudulent transactions. Authentication process does
a. Validity of message location being sent
b. Validity of the workstations that sent the message
c. Integrity of the message that is transmitted
d. Validity of the message originator
238. Passwords are used as a basic mechanism to identify and authenticate a system user. Which of the following password-related factors
a. Password length
b. Password lifetime
c. Password secrecy
d. Password storage
Password length can be tested to ensure that short passwords are not selected. Password lifetime can be tested to ensure that passwords have a limited lifetime. Passwords should be changed regularly or whenever they may have been compromised. Password storage can be tested to ensure that stored passwords are protected to prevent disclosure or unauthorized modification.