PrepAway - Latest Free Exam Questions & Answers

When submitting a passphrase for authentication, the pa…

When submitting a passphrase for authentication, the passphrase is converted into:

PrepAway - Latest Free Exam Questions & Answers

A.
a virtual password by the system.

B.
a new passphrase by the system.

C.
a new passphrase by the encryption technology

D.
a real password by the system which can be used forever.

Explanation:
A passphrase is a sequence of characters that is longer than a password. The user enters this phrase into an
application, and the application transforms the value into a virtual password, making the passphrase the length
and format that is required by the application. (For example, an application may require your virtual password to
be 128 bits to be used as a key with the AES algorithm.) If a user wants to authenticate to an application, such
as Pretty Good Privacy (PGP), he types in a passphrase, let’s say StickWithMeKidAndYouWillWearDiamonds.
The application converts this phrase into a virtual password that is used for the actual authentication.
A passphrase is more secure than a password because it is longer, and thus harder to obtain by an attacker. In
many cases, the user is more likely to remember a passphrase than a password.
Incorrect Answers:
B: The passphrase is not converted into a new passphrase by the system.
C: The passphrase is not converted into a new passphrase by the encryption technology.
D: The passphrase is not converted into a real password by the system which can be used forever.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 199
http://www.itl.nist.gov/fipspubs/fip112htm


Leave a Reply