PrepAway - Latest Free Exam Questions & Answers

Which of the following protects a password from eavesdr…

Which of the following protects a password from eavesdroppers and supports the encryption of
communication?

PrepAway - Latest Free Exam Questions & Answers

A.
Challenge Handshake Authentication Protocol (CHAP)

B.
Challenge Handshake Identification Protocol (CHIP)

C.
Challenge Handshake Encryption Protocol (CHEP)

D.
Challenge Handshake Substitution Protocol (CHSP)

Explanation:
One approach to remote access security is the Challenge Handshake Authentication Protocol (CHAP). CHAP
protects the password from eavesdroppers and supports the encryption of communication.
Challenge Handshake Authentication Protocol (CHAP) addresses some of the vulnerabilities found in PAP. It
uses a challenge/response mechanism to authenticate the user instead of sending a password. When a user
wants to establish a PPP connection and both ends have agreed that CHAP will be used for authentication
purposes, the user’s computer sends the authentication server a logon request. The server sends the user a
challenge (nonce), which is a random value. This challenge is encrypted with the use of a predefined password
as an encryption key, and the encrypted challenge value is returned to the server. The authentication server
also uses the predefined password as an encryption key and decrypts the challenge value, comparing it to the
original value sent. If the two results are the same, the authentication server deduces that the user must have
entered the correct password, and authentication is granted.
Incorrect Answers:
B: The correct name for the protocol is Challenge Handshake Authentication Protocol (CHAP), not Challenge
Handshake Identification Protocol (CHIP).
C: The correct name for the protocol is Challenge Handshake Authentication Protocol (CHAP), not Challenge
Handshake Encryption Protocol (CHEP).
D: The correct name for the protocol is Challenge Handshake Authentication Protocol (CHAP), not Challenge
Handshake Substitution Protocol (CHSP).

Krutz, Ronald L. and Russell Dean Vines, The CISSP and CAP Prep Guide: Mastering CISSP and CAP, Wiley
Publishing, Indianapolis, 2007, p. 66
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 710


Leave a Reply