CISSP · Question #828
Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?
The correct answer is D. Passwords are passed in clear text. The biggest weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication is that passwords are passed in clear text over the network, exposing them to eavesdropping and interception attacks. To mitigate this risk, LDAP should be used with encryption
Question
Options
- AAuthorizations are not included in the server response
- BUnsalted hashes are passed over the network
- CThe authentication session can be replayed
- DPasswords are passed in clear text
How the community answered
(55 responses)- A4% (2)
- B2% (1)
- C2% (1)
- D93% (51)
Explanation
The biggest weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication is that passwords are passed in clear text over the network, exposing them to eavesdropping and interception attacks. To mitigate this risk, LDAP should be used with encryption protocols, such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS), or with authentication protocols, such as Kerberos or Simple Authentication and Security Layer
Topics
Community Discussion
No community discussion yet for this question.