312-50V11 · Question #212
Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?
The correct answer is C. An authentication system that creates one-time passwords that are encrypted with secret keys.. A counter-based authentication system generates one-time passwords by combining a synchronized counter with a shared secret key, which is the mechanism defined by HOTP (HMAC-based One-Time Password).
Question
Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?
Options
- AA biometric system that bases authentication decisions on behavioral attributes.
- BA biometric system that bases authentication decisions on physical attributes.
- CAn authentication system that creates one-time passwords that are encrypted with secret keys.
- DAn authentication system that uses passphrases that are converted into virtual passwords.
How the community answered
(30 responses)- A7% (2)
- B3% (1)
- C87% (26)
- D3% (1)
Why each option
A counter-based authentication system generates one-time passwords by combining a synchronized counter with a shared secret key, which is the mechanism defined by HOTP (HMAC-based One-Time Password).
Behavioral biometrics authenticate users based on how they perform actions (e.g., keystroke dynamics or gait), which has no relation to counter-synchronized cryptographic one-time passwords.
Physical biometrics authenticate users based on physiological traits such as fingerprints or iris patterns, which is entirely unrelated to counter-based OTP generation.
Counter-based authentication is standardized in RFC 4226 as HOTP. It generates a one-time password by computing an HMAC-SHA1 hash using a shared secret key and an incrementing counter value synchronized between client and server. Each successful authentication increments the counter on both sides, ensuring every OTP is valid only once and cannot be reused.
Passphrase-to-virtual-password conversion describes cognitive or S/KEY-style passphrase schemes, not the counter-driven HMAC cryptographic process used in HOTP.
Concept tested: HOTP counter-based one-time password authentication mechanism
Source: https://www.rfc-editor.org/rfc/rfc4226
Topics
Community Discussion
No community discussion yet for this question.