21. What is a key advantage of multi-factor authentication compared to single sign-on?

  • It can grant access to multiple company resources at once.
  • It streamlines the authentication process.
  • It requires more than one form of identification before granting access to a system.
  • It is faster when authenticating users.

22. A shipping company imports and exports materials around the world. Their business operations include purchasing goods from suppliers, receiving shipments, and distributing goods to retailers. How should the shipping company protect their assets under the principle of separation of duties? Select two answers.

  • Have one employee file purchase orders
  • Have one employee select goods and submit payments
  • Have one employee receive shipments and distribute goods
  • Have one employee approve purchase orders

23. Fill in the blank: ____ is the technology used to establish a user’s request to access a server.

  • Basic auth
  • API tokens
  • OAuth
  • Digital certificates

24. Which of the following are reasons why accounting in security is such an important function of effective access controls? Select two answers.

  • Identify ways to improve business operations.
  • Detect session hijacking incidents.
  • Uncover threat actors who have accessed a system.
  • Record user activity for marketing purposes.

25. What is the primary purpose of hash functions?

  • To store data in the cloud
  • To determine data integrity
  • To decrypt sensitive data
  • To make data quickly available

26. Which of the following steps are part of the public key infrastructure process? Select two answers.

  • Exchange of public and private keys
  • Transfer hash digests
  • Establish trust using digital certificates
  • Exchange of encrypted information

27. What factors do authentication systems use to verify a user's identity? Select three answers.

  • Accounting
  • Knowledge
  • Ownership
  • Characteristic

28. What are some disadvantages of using single sign-on (SSO) technology for user authentication? Select two.

  • Username and password management is more complicated for the end users.
  • Customers, vendors, and business partners are less vulnerable to attack.
  • Stolen credentials can give attackers access to multiple resources.
  • Access to all connected resources stops when SSO is down.

Shuffle Q/A 3

29. A business has one person who receives money from customers at the register. At the end of the day, another person counts that money that was received against the items sold and deposits it. Which security principles are being implemented into business operations? Select two answers.

  • Multi-factor authentication
  • Separation of duties
  • Single sign-on
  • Least privilege

30. What types of user information does an API token contain? Select two answers.

  • A user’s secret key
  • A user’s site permissions
  • A user’s password
  • A user’s identity

Leave a Reply