nerdexam
(ISC)2

CISSP · Question #378

Which of the following is a characteristic of a challenge/response authentication process?

The correct answer is B. Transmitting a hash based on the user's password. A challenge/response authentication process is a method of verifying the identity of a user or device by sending a challenge, such as a random number, and expecting a valid response, such as a hash based on the user's password and the challenge. This prevents the password from be

Submitted by neha2k· Mar 5, 2026Identity and Access Management

Question

Which of the following is a characteristic of a challenge/response authentication process?

Options

  • AUsing a password history blacklist
  • BTransmitting a hash based on the user's password
  • CPresenting distorted gravies of text for authentication
  • DRequiring the use of non-consecutive numeric characters

How the community answered

(51 responses)
  • A
    2% (1)
  • B
    88% (45)
  • C
    6% (3)
  • D
    4% (2)

Explanation

A challenge/response authentication process is a method of verifying the identity of a user or device by sending a challenge, such as a random number, and expecting a valid response, such as a hash based on the user's password and the challenge. This prevents the password from being transmitted in clear text and reduces the risk of replay attacks. Using a password history blacklist, presenting distorted graphics of text for authentication, and requiring the use of non- consecutive numeric characters are not characteristics of a challenge/response authentication

Topics

#Challenge/response authentication#Password hashing#Authentication protocols#Network authentication

Community Discussion

No community discussion yet for this question.

Full CISSP Practice