CompTIA
CAS-002 · Question #88
CAS-002 Question #88: Real Exam Question with Answer & Explanation
The correct answer is A: Kerberos. CredSSP with Network Level Authentication supports Kerberos and NTLM for authentication and TLS for the encrypted transport channel used during credential delegation.
Question
An administrator wants to integrate the Credential Security Support Provider (CredSSP) protocol network level authentication (NLA) into the remote desktop terminal services environment. Which of the following are supported authentication or encryption methods to use while implementing this? (Select THREE).
Options
- AKerberos
- BNTLM
- CRADIUS
- DTACACS+
- ETLS
- FHMAC
- GCamellia
Explanation
CredSSP with Network Level Authentication supports Kerberos and NTLM for authentication and TLS for the encrypted transport channel used during credential delegation.
Common mistakes.
- C. RADIUS is an AAA protocol used for network device and VPN access authentication and is not part of the Windows CredSSP or NLA protocol stack.
- D. TACACS+ is a Cisco-centric device administration AAA protocol and has no role in the Windows Remote Desktop NLA or CredSSP implementation.
- F. HMAC is a keyed-hash message authentication code primitive used internally within other cryptographic protocols and is not an independently selectable method in CredSSP.
- G. Camellia is a symmetric cipher not included in the Windows TLS cipher suite set used by CredSSP, which relies on AES-based suites negotiated through the Windows Schannel provider.
Concept tested. CredSSP NLA authentication and encryption protocol support
Community Discussion
No community discussion yet for this question.