CISSP · Question #378
Which of the following is a characteristic of a challenge/response authentication process?
The correct answer is B. Transmitting a hash based on the user's password. A challenge/response authentication process is a method of verifying the identity of a user or device by sending a challenge, such as a random number, and expecting a valid response, such as a hash based on the user's password and the challenge. This prevents the password from be
Question
Which of the following is a characteristic of a challenge/response authentication process?
Options
- AUsing a password history blacklist
- BTransmitting a hash based on the user's password
- CPresenting distorted gravies of text for authentication
- DRequiring the use of non-consecutive numeric characters
How the community answered
(51 responses)- A2% (1)
- B88% (45)
- C6% (3)
- D4% (2)
Explanation
A challenge/response authentication process is a method of verifying the identity of a user or device by sending a challenge, such as a random number, and expecting a valid response, such as a hash based on the user's password and the challenge. This prevents the password from being transmitted in clear text and reduces the risk of replay attacks. Using a password history blacklist, presenting distorted graphics of text for authentication, and requiring the use of non- consecutive numeric characters are not characteristics of a challenge/response authentication
Topics
Community Discussion
No community discussion yet for this question.