Self-study
Coming up with secure passwords for confidential computer files is difficult. █████ ██████ █████████ ████ ███ ████ ██ █████████ ████ ██ █████ █████ ██ ██████████ ██████ ██████████████ █████ ███ ███ ███████ ██ █████ ███ ██ ████████ ███ █████ ██ ████ ██████ ██ ████████ ████████████ ██████ ██████████████ ██ ███████ ███ ███████ ███ ███ ███████ ██ ██████ ███ █████ ███ ████ ███ ███████ ███ ██████████ █████ ██ ███████ █████ ███ ██████ █████ █████████ ███ ██ ███ ██████ ███████████████ █████ ████████████ █████████ ████ ███ ████ █████████ ██ ████████ ███ █████████ ███████ ████ ██ ██████ ███ █████ ████ ███ ████████ ████████ ██████ ██ ████
Summary
Creating secure passwords for confidential computer files is difficult. Users prefer passwords that are easy to remember. Unfortunately, these passwords are the easiest to guess for an outsider. Random configurations of letters and numbers are the hardest for an outsider to guess, but also the easiest for a legitimate user to forget. Furthermore, passwords that are very difficult to remember are generally written down, and hence pose the greatest security threat of all.
Notable Valid Inferences
Passwords that are easy to remember pose less of a security threat than passwords that are very difficult to remember. We know this because passwords that are very difficult to remember pose the greatest security threat.
20.
If the statements above are █████ █████ ███ ██ ███ █████████ ████ ████ ██ █████
a
Computer users should ███ █████ ████ █████ █████████ ████ ██ ███ █████████ ███ ████ ██ █████████
Could be false. The stimulus does not state a value judgment about what users should not do. We know that written passwords pose the greatest security threat, but it is possible there are other reasons to write passwords down that outweigh these risks.
b
It is expensive ██ ████ ██████ ██████████████ ██████████ █████████ █████████ ██████ ██████████
Could be false. The stimulus tells us that users who forget their passwords use up the administrator’s time, but we don’t have any information about how much this costs. It is possible that a system administrator’s time is not expensive.
c
Passwords that are ████ ████ ██ █████ ████ ████ ██ █ ████████ ██████ ████ █████████ ████ ███ ████ █████████ ██ █████████
Must be true. The stimulus tells us that very difficult passwords to remember are usually written down, a practice that poses the greatest security threat. If this practice poses the greatest threat, then the threat associated with passwords that are easy to guess is less.
d
Passwords that are ██████ ██████████████ ██ ███████ ███ ███████ ███ ███ █████ ██████ ██ ██████ ██ ████████ █████████
Could be false. The stimulus tells us that these passwords are the easiest for legitimate users to forget. If they are the hardest to remember, then users may choose to write them down, and passwords that are written down pose the greatest security threat.
e
The easier a ████████ ██ ██ █████████ ███ ████ ██████ ███ ████████ ████████
Could be false. The stimulus does not describe a proportional relationship between security risk and the ease of remembering a password. It is possible that there is a point where the security level maximizes even though the password could change to become easier to remember.