Which of the following authentication methods prevents authentication replay?
A.
 Password hash implementation
B.
 Challenge/response mechanism
C.
 Wired Equivalent Privacy (WEP) encryption usage
D.
 HTTP Basic Authentication
Explanation:
A challenge/response mechanism prevents replay attacks by sending a different random challenge in each authentication event. The response is linked to that challenge. Therefore, capturing the authentication handshake and replaying it through the network will not work. Using hashes by itself will not prevent a replay. A
WEP key will not prevent sniffing (it just takes a few more minutes to break the WEP key if the attacker does not already have it) and therefore will not be able to prevent recording and replaying an authenticationhandshake. HTTP Basic Authentication is clear text and has no mechanisms to prevent replay.