CISSP · Question #455
Which of the following is a characteristic of a challenge/response authentication process?
The correct answer is B. Transmitting a hash based on the user's password. Challenge/response authentication is a protocol where the server sends a challenge (random value) and the client responds with a hash derived from the challenge and the user's password, never transmitting the password itself.
Question
Which of the following is a characteristic of a challenge/response authentication process?
Options
- APresenting distorted graphics of text for authentication
- BTransmitting a hash based on the user's password
- CUsing a password history blacklist
- DRequiring the use of non-consecutive numeric characters
How the community answered
(31 responses)- A3% (1)
- B94% (29)
- C3% (1)
Why each option
Challenge/response authentication is a protocol where the server sends a challenge (random value) and the client responds with a hash derived from the challenge and the user's password, never transmitting the password itself.
Presenting distorted graphics of text describes CAPTCHA, which is a human-verification mechanism to distinguish bots from humans, not a challenge/response authentication protocol.
In a challenge/response authentication scheme, the server issues a random challenge value, and the client computes a hash using the challenge combined with the user's password or credential, then sends only the hash back. This proves knowledge of the password without ever transmitting it in plaintext, which is the defining characteristic of the protocol (e.g., CHAP, NTLM, or MS-CHAPv2).
Using a password history blacklist is a password policy control that prevents reuse of previous passwords, which is unrelated to the challenge/response authentication mechanism.
Requiring non-consecutive numeric characters is a password complexity rule enforced during password creation, not a characteristic of the challenge/response authentication process.
Concept tested: Challenge/response authentication protocol characteristics
Source: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-chap/8f59d9e6-b660-4b18-b2d9-d7db09b8a3e6
Topics
Community Discussion
No community discussion yet for this question.