Wentz is a co-founder of Amicliens, a company from Taiwan delivering business solutions. He enjoys applying IT technologies to solve business problems and has been working in the IT industry for over 20 years.
Your company initiates a business continuity program to support the continuous delivery of products and services. You’re in charge of the reliability and availability of the power system, including UPS and the power generator. Which of the following is the least concern for you? (Source: Wentz QOTD)
A. The default failure mode configuration
B. The mean time to repair (MTTR)
C. The mean time to failure (MTTF)
D. Service level agreement (SLA)
You are implementing a mantrap to control access to a highly regulated lab for COVID-19 vaccine research, in order to prevent piggybacking and tailgating. It uses two-pass authentication: an ID card for the external door and facial recognition for the other. Which of the following should be the top-priority concern and be addressed first? (Source: Wentz QOTD)
A. Refer to the product manual for the mean time to failure (MTTF)
B. Refer to the product manual for the default failure mode configuration
C. Refer to the product manual for low false rejection rate (FRR) configuration
D. Refer to the product manual for low false acceptance rate (FAR) configuration
You are conducting user acceptance testing against the fingerprint-based physical access control to the computer room. System administrators and engineers report that they are often blocked outside the door. Which of the following is the most feasible solution to solve this problem? (Source: Wentz QOTD)
A. Lower the error rate of the CER
B. Lower the slope of the FRR curve to reduce Type I error
C. Lower the slope of the FAR curve to reduce Type II error
D. Ask the vendor to replace the fingerprint reader with a new one having lower EER
You are developing an in-house application with an authentication requirement that user passwords shall not be transmitted on the network. Which of the following is the best solution for clients to authenticate to the server? (Source: Wentz QOTD)
A. Clients encrypt credentials using the server’s public key.
B. The server sends a nonce encrypted by the client’s public key.
C. Clients negotiate a dynamic key with the server through Diffie-Hellman.
D. The server sends a TGT encrypted by its secret key after receiving the client’s ID.
The following question discussed in Discord is short and seems simple, but it deserves more thinking. So, I wrote this post to share my perspectives.
Determining which element of the confidentiality, integrity and availability (CIA) triad is MOST important is a necessary task when:
A. assessing overall system risk.
B. developing a controls policy.
C. determining treatment options.
D. developing a classification scheme.
Your company implemented Federated Identity Management (FIM) based on SAML to support Single Sign-On (SSO). Which of the following is not true? (Source: Wentz QOTD)
A. A user may have an identity in each domain and multiple identities across domains.
B. A federated identity is a pseudonym shared between domains to hide a user’s identity.
C. A relying party authorizes access requests based on assertions expressed in XACML.
D. SSO relies on the service provider’s (SP) trust in the Identity Provider (IdP).
In the Kerberos network authentication system, a client initiates authentication requests to the authentication service (AS) to obtain authentication credentials for a given server. Which of the following is not true? (Source: Wentz QOTD)
A. The AS is subject to the chosen-ciphertext attack.
B. The client sends its own identity to the AS in cleartext when logging in.
C. The AS doesn’t know whether the client sends a genuine identity or not.
D. The client doesn’t send its password or secret key to the AS when logging in.