Authentication vs Authorization Fundamentals Quiz

Test your understanding of authentication, authorization, sessions, tokens, and OAuth2 basics. Evaluate your grasp of essential identity concepts in web security.

  1. Authentication Concept

    Which statement best describes authentication in the context of online systems?

    1. It encrypts data sent over a network for security.
    2. It decides what actions a user can perform within a system.
    3. It logs user activity for later analysis.
    4. It refers to data storage on a user's device.
    5. It verifies who the user is before granting access.
  2. Authorization Purpose

    If a user can log in but is not allowed to view certain files, which concept restricts their access to these files?

    1. Authentificationz
    2. Authorization
    3. Atomization
    4. Authentification
    5. Authorizationzation
  3. Sessions in Web Security

    After a user logs in, what maintains their logged-in state across multiple pages in many web applications?

    1. Transmission
    2. Transition
    3. Sassion
    4. Session
    5. Section
  4. Token Definition

    In a secure application, what is a token typically used for?

    1. To compress images for faster loading.
    2. To display error messages to users.
    3. To store large database files.
    4. To design graphical user interfaces.
    5. To represent a user's identity and permissions in a compact form.
  5. OAuth2 Role

    Which of the following is the main goal of the OAuth2 protocol in modern applications?

    1. To block any and all access to user data by third parties.
    2. To ensure all users must use the same strong password.
    3. To allow third-party apps to access user data without sharing passwords.
    4. To store audio and video files securely.
    5. To manage local encryption on client devices.
  6. Example Scenario: AuthN vs AuthZ

    If Alice logs in but cannot edit her profile, which process is responsible for denying the edit action?

    1. Authorization
    2. Sessioning
    3. Authentication
    4. Authentization
    5. Tokenization
  7. Session Expiry

    What typically happens when a session expires on a secure website?

    1. The session automatically renews forever.
    2. The website layout changes.
    3. The user gains administrator privileges.
    4. The user's password is reset.
    5. The user is logged out and must re-authenticate.
  8. Token Example

    Which of the following is an example of a token often used in authentication and authorization?

    1. A database backup file.
    2. A hardware device's serial number.
    3. A list of user passwords.
    4. A randomly generated string that represents a logged-in user.
    5. A screenshot of the login page.
  9. OAuth2 Access

    In an OAuth2 flow, what does an access token typically allow a third-party application to do?

    1. Access specific resources on behalf of the user within permissions granted.
    2. Disable two-factor authentication for all users.
    3. Monitor all network traffic in real time.
    4. Encrypt the user's password with a new algorithm.
    5. Update the OAuth2 protocol's core code.
  10. Distinguishing AuthN and AuthZ

    What is a key difference between authentication and authorization?

    1. Authentication prevents account locking; authorization logs activities.
    2. Authentication stores resource data; authorization encrypts passwords.
    3. Authentication confirms user identity; authorization determines permissions.
    4. Authentication assigns user roles; authorization checks network speed.
    5. Authentication manages server settings; authorization resets tokens.