PrepAway - Latest Free Exam Questions & Answers

Which of the following protocols is used by Point-to-Point (PPP) servers to validate the identity of remote cl

Which of the following protocols is used by Point-to-Point (PPP) servers to validate the identity of remote clients?

PrepAway - Latest Free Exam Questions & Answers

A.
EAP-TTLS

B.
CHAP

C.
PPP

D.
IPSec

Explanation:
The Challenge-handshake authentication protocol (CHAP) is an authentication scheme used by Point to Point Protocol (PPP) servers to validate the identity of remote clients. CHAP periodically verifies the identity of the client by using a three-way handshake. This happens at the time of establishing the initial link, and may happen again at any time afterwards. The verification is based on a shared secret (such as the client user’s password).
1. After the completion of the link establishment phase, the authenticator sends a "challenge" message to the peer.
2. The peer responds with a value calculated using a one-way hash function, such as an MD5 checksum hash.
3. The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authenticator acknowledges the authentication; otherwise, it should terminate the connection.
4. At random intervals, the authenticator send a new challenge to the peer and repeats steps 1 through 3.

Answer C is incorrect. Point-to-Point Protocol (PPP) is a remote access protocol commonly used to connect to the Internet. PPP supports compression and encryption and can be used to connect to a variety of networks. It can connect to a network running on IPX, TCP/IP, or NetBEUI protocol. PPP supports multiprotocol and dynamic IP assignments. It is the default protocol for the Microsoft Dial-Up adapter.

Answer D is incorrect. Internet Protocol Security (IPSec) is a standard-based protocol that provides the highest level of VPN security. IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the L2TP protocol. It secures both data and password. IPSec cannot be used with Point-to-Point Tunneling Protocol (PPTP).

Answer A is incorrect. EAP-Tunneled Transport Layer Security (EAP- TTLS) is an EAP protocol that extends TLS. It is widely supported across platforms; although there is no native OS support for this EAP protocol in Microsoft Windows, it requires the installation of small extra programs such as SecureW2. EAP-TTLS offers very good security. The client can but does not have to be authenticated via a CA-signed PKI certificate to the server. This greatly simplifies the setup procedure, as a certificate does not need to be installed on every client. After the server is securely authenticated to the client via its CA certificate and optionally the client to the server, the server can then use the established secure connection ("tunnel") to authenticate the client.

Reference. http.//en.wikipediA.org/wiki/Point-to-Point_Protocol


Leave a Reply