authentication - answering phone

zackmax · October 2015

you are called on your mobile phone for voice authentication.

Is this:
something you have and something you are ?
something you do and something you are ?

Thanks!

zackmax · October 2015

a user cannot install a new and relatively unknown software on their system

application black listing ?
application white listing ?

both of the above answers prevent unauthorized apps from being installed so its confusing.

tmurphy3100 · October 2015

Application white listing should allow it to be installed. So the answer would be blacklisting.

zackmax · October 2015

tmurphy3100 wrote: »

Application white listing should allow it to be installed. So the answer would be blacklisting.

Can it not be that under application white listing policy, this application is not present?

tmurphy3100 · October 2015

then again if it is a relatively new software and there is an implicit deny involved here, the answer could be different. These questions are very vague.

cyberguypr · October 2015

Something you do is a behavior unique to you, more like handwriting dynamics or keystroke rhythm analysis. Calling your phone is something you have and voice is something you are.

zackmax · October 2015

cyberguypr wrote: »

Something you do is a behavior unique to you, more like handwriting dynamics or keystroke rhythm analysis. Calling your phone is something you have and voice is something you are.

Thanks!

cyberguypr · October 2015

If you are blacklisting you are saying "only blocks these..., allow everything else". Whitelisting says "only allow these... block everything else". Taking the question at face value, the "new and relatively unknown" descriptor means the app would sail through a blacklist but will be blocked by a whitelist.

OctalDump · October 2015

zackmax wrote: »

you are called on your mobile phone for voice authentication.

Is this:
something you have and something you are ?
something you do and something you are ?

Thanks!

Voice Biometrics over the phone is something that exists. Biometrics are definitely something you are.
Your mobile phone is something assumed to be something you have. It's a little weaker as a token, because phone numbers can be forwarded away from a specific device. But mobile phones are used as tokens.

The question I would have is how reasonable is it to assume that voice biometrics are in place. It could be that they are calling your mobile phone and asking for a pass phrase (something you know) which isn't analysed for biometrics.

If biometrics are being used, and you are forced to choose between the two answers, then something you are is most reasonable. But in fact all three come into play normally as the biometric system generally uses the same phrase for accurate results and might not prompt.

It's a good "thinking question" but not a good multiple choice exam question.

OctalDump · October 2015

zackmax wrote: »

a user cannot install a new and relatively unknown software on their system

application black listing ?
application white listing ?

both of the above answers prevent unauthorized apps from being installed so its confusing.

On a multi-choice, white listing is the best answer. The implication is that only specific known programs are on the whitelist. This would mean "new" software is not likely to make it on the whitelist.

authentication - answering phone

Comments