A security technician has been asked to recommend an authentication mechanism that will
allow users to authenticate using a password that will only be valid for a predefined time
interval. Which of the following should the security technician recommend?
A.
CHAP
B.
TOTP
C.
HOTP
D.
PAP
TOTP really? A one time password. It might be the best choice of the answers, but its a horrible choice.
“Account restrictions” or “group policy” are much better choices.
0
0
I think it’s just awkward wording. TOTP allows the password to be used once at predefined time (once in an interval of about 1 minute), HOTP allows password to be used once at any time.
I think because the TOTP standard effectively means a short window of use, rather than a specific time [due to technical considerations like latency, clock skew etc], they felt compelled to put “interval” into the question, which makes it sound like the interval itself is desired to be configured eg give user x access from now until March 16th, give user y access for 4 days, give user z access between monday and thursday next week.
0
0
I agree but you are not asked what YOU would do.. or even what the best choice PERIOD is….we are only asked to choose between the answers provided to us. So unfortunately TOTP is the ONLY correct answer.
0
0