nerdexam
(ISC)2

CISSP-ISSAP · Question #70

You are the Network Administrator at a large company. Your company has a lot of contractors and other outside parties that come in and out of the building. For this reason you are concerned that simpl

The correct answer is C. CHAP. CHAP (Challenge Handshake Authentication Protocol) is a protocol - a software-based authentication method that uses a challenge-response mechanism - not a physical token. Tokens, by definition, are physical hardware devices that a user possesses to prove identity. A smart card is

Identity and Access Management (IAM) Architecture

Question

You are the Network Administrator at a large company. Your company has a lot of contractors and other outside parties that come in and out of the building. For this reason you are concerned that simply having usernames and passwords is not enough and want to have employees use tokens for authentication. Which of the following is not an example of tokens?

Options

  • ASmart card
  • BUSB device with cryptographic data
  • CCHAP
  • DKey fob

How the community answered

(26 responses)
  • A
    4% (1)
  • B
    19% (5)
  • C
    69% (18)
  • D
    8% (2)

Explanation

CHAP (Challenge Handshake Authentication Protocol) is a protocol - a software-based authentication method that uses a challenge-response mechanism - not a physical token. Tokens, by definition, are physical hardware devices that a user possesses to prove identity. A smart card is a token (a chip-embedded card you physically carry), a USB device with cryptographic data is a token (plugged into a port to authenticate), and a key fob is a token (a small device generating one-time codes or storing credentials). All three distractors are tangible, possession-based factors in multi-factor authentication, whereas CHAP operates purely at the protocol/network layer with no physical component.

Memory tip: Think "tokens = things you can touch." If it fits in your pocket or plugs into a port, it's a token. CHAP is a protocol - you can't hold a protocol in your hand.

Topics

#Hardware tokens#Multi-factor authentication#CHAP protocol#Smart cards

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSAP Practice