PrepAway - Latest Free Exam Questions & Answers

Which of the following would MOST effectively enhance the security of a challenge-response based authenticatio

Which of the following would MOST effectively enhance the security of a challenge-response
based authentication system?

PrepAway - Latest Free Exam Questions & Answers

A.
Selecting a more robust algorithm to generate challenge strings

B.
implementing measures to prevent session hijacking attacks

C.
increasing the frequency of associated password changes

D.
increasing the length of authentication strings

Explanation:

Challenge response-based authentication is prone to session hijacking or man-in-the-middle
attacks. Security management should be aware of this and engage in risk assessment and control
design when they employ this technology. Selecting a more robust algorithm will enhance the
security; however, this may not be as important in terms of risk when compared to man-in-themiddle attacks. Choices C and D are good security practices; however, they are not as effective a
preventive measure. Frequently changing passwords is a good security practice; however, the
exposures lurking in communication pathways may pose a greater risk.


Leave a Reply