An administrator has two servers and wants them to communicate with each other using a secure
algorithm.
Which of the following choose to provide both CRC integrity checks and RCA encryption?
A.
NTLM
B.
RSA
C.
CHAP
D.
ECDHE
Explanation:
ECDHE provides both CRC integrity checks and RCA encryption.
Adding an ephemeral key to Elliptic Curve Diffie-Hellman turns it into ECDHE. It is the ephemeral
component of each of these that provides the perfect forward secrecy.
Forward secrecy is a property of any key exchange system, which ensures that if one key is compromised,
subsequent keys will not also be compromised. Perfect forward secrecy occurs when this process is
unbreakable.Incorrect Answers:
A: NTLM does not use RCA encryption.
Microsoft replaced the LANMAN protocol with NTLM (NT LAN Manager) with the release of Windows NT.
NTLM uses MD4/MD5 hashing algorithms. Several versions of this protocol exist (NTLMv1, NTLMv2), and
it is still in widespread use despite the fact that Microsoft has pointed to Kerberos as being its preferred
authentication protocol.
B: RSA is one of the first practical public-key cryptosystems and is widely used for secure data
transmission. However, RSA does not use RCA encryption.
C: CHAP does use RCA encryption.
CHAP provides protection against replay attacks by the peer through the use of an incrementally changing
identifier and of a variable challenge-value. CHAP requires that both the client and server know the
plaintext of the secret, although it is never sent over the networkDulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 139, 143, 252, 254, 256