nerdexam
ExamsSY0-301Questions#698
CompTIA

SY0-301 · Question #698

SY0-301 Question #698: Real Exam Question with Answer & Explanation

The correct answer is B: LDAP. LDAP (Lightweight Directory Access Protocol) transmits credentials and directory data in cleartext by default, making it vulnerable to interception. It can be secured by wrapping it in SSL/TLS, which is known as LDAPS (LDAP over SSL, typically on port 636). This is the standard w

Question

Which of the following is an authentication method that can be secured by using SSL?

Options

  • ARADIUS
  • BLDAP
  • CTACACS+
  • DKerberos

Explanation

LDAP (Lightweight Directory Access Protocol) transmits credentials and directory data in cleartext by default, making it vulnerable to interception. It can be secured by wrapping it in SSL/TLS, which is known as LDAPS (LDAP over SSL, typically on port 636). This is the standard way to protect LDAP authentication traffic. RADIUS (Option A) uses its own UDP-based protocol with MD5-based shared secret protection - while it can be tunneled over TLS, it is not natively secured by SSL in standard implementations. TACACS+ (Option C) already encrypts its entire payload by design using its own mechanism, not SSL. Kerberos (Option D) uses a ticket-based mutual authentication system with its own cryptographic protections - it does not rely on SSL for security.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full SY0-301 Practice