Question 1)¶

a) Write a reasonable password policy for Human Resources (HR) staff members at the University of Central Lancashire (5 Marks)

16 character minimum
passphases not passwords
update passwords every 2 weeks
do not allow duplicate passwords
must contain a special character
enforce 2FA for online services

b) Justify this password policy by describing how long it might take for a computer to decrypt a password using brute-force attack. (5 Marks)

c) You are starting a new job in a primary school and have been asked to review the password policy for the children. Describe and justify why this password policy would not be appropriate for the situation. (5 Marks)

d) How can 'picture password' systems be used to reduce 'shoulder surfing' attacks? Your answer should include a definition of shoulder surfing attack. (5 Marks)

(20 Marks)

Question 2)¶

a) Using a diagram to illustrate your answer, describe how the finger printing across control mechanism works on modern smart phones using 'capacitance' to detect fingerprint ridges and valleys. (5 Marks)

b) identify a total of 5 advantages or disadvantages associated specifically with face recognition used on modern smart phones / tablets. You should explain/justify each advantage or disadvantage with examples. (10 Marks)

c) Identify and explain three different criteria that could be used to select a biometric technique for access control. (5 Marks)

(20 Marks)

Total Paper = 40 Marks.