nerdexam
(ISC)2

CISSP · Question #828

Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?

The correct answer is D. Passwords are passed in clear text. The biggest weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication is that passwords are passed in clear text over the network, exposing them to eavesdropping and interception attacks. To mitigate this risk, LDAP should be used with encryption

Submitted by salim_om· Mar 5, 2026Identity and Access Management

Question

Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?

Options

  • AAuthorizations are not included in the server response
  • BUnsalted hashes are passed over the network
  • CThe authentication session can be replayed
  • DPasswords are passed in clear text

How the community answered

(55 responses)
  • A
    4% (2)
  • B
    2% (1)
  • C
    2% (1)
  • D
    93% (51)

Explanation

The biggest weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication is that passwords are passed in clear text over the network, exposing them to eavesdropping and interception attacks. To mitigate this risk, LDAP should be used with encryption protocols, such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS), or with authentication protocols, such as Kerberos or Simple Authentication and Security Layer

Topics

#LDAP#authentication protocols#clear text passwords#network security

Community Discussion

No community discussion yet for this question.

Full CISSP Practice