PrepAway - Latest Free Exam Questions & Answers

Authentication in which a random value is presented to a user, who then returns a calculated
number based on that random value is called:

A.
Man-in-the-middle

B.
Personal identification number (PIN) protocol

C.
One-time password

D.
Challenge-response

Explanation:
In challenge-response authentication, the user enters a random value (challenge) sent by the
authentication server into a token device. The token device shares knowledge of a cryptographic
secret key with the authentication server and calculates a response based on the challenge value
and the secret key. This response is entered into the authentication server, which uses the response
to authenticate the identity of the user by performing the same calculation and comparing results.

Answer “man-in-the-middle” is a type of attack in which a cracker is interposed between the user
and authentication server and attempts to gain access to packets for replay in order to impersonate
a valid user.

A “one-time password” is a password that is used only once to gain access to a network
or computer system. A typical implementation is through the use of a token that generates a
number based on the time of day. The user reads this number and enters it into the authenticating
device. The authenticating device calculates the same number based on the time of day and uses the
same algorithm used by the token. If the token’s number matches that of the authentication server,
the identity of the user is validated. Obviously, the token and the authentication server must be
time-synchronized for this approach to work. Also, there is allowance for small values of time skew
between the authorization device and the token.

Answer d refers to a PIN number that is something
you know used with something you have, such as an ATM card.
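
The challenge-response exchange described in the explanation, as an added example that is not part of the original page. It assumes HMAC-SHA256 as the shared calculation and a 16-hex-character response; `token_response`, `AuthServer` and the sample secret are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def token_response(secret: bytes, challenge: bytes) -> str:
    """Token side: calculate the response from the shared secret and the challenge."""
    # Assumed calculation: HMAC-SHA256, truncated to 16 hex characters.
    return hmac.new(secret, challenge, hashlib.sha256).hexdigest()[:16]


class AuthServer:
    """Server side: issues random challenges and repeats the token's calculation."""

    def __init__(self, secrets_by_user: dict[str, bytes]):
        self._secrets = secrets_by_user
        self._pending: dict[str, bytes] = {}  # user -> outstanding challenge

    def issue_challenge(self, user: str) -> bytes:
        challenge = secrets.token_bytes(16)  # fresh random value per attempt
        self._pending[user] = challenge
        return challenge

    def verify(self, user: str, response: str) -> bool:
        # pop() makes every challenge single-use, so a captured response
        # cannot be replayed against the challenge it was calculated for.
        challenge = self._pending.pop(user, None)
        secret = self._secrets.get(user)
        if challenge is None or secret is None:
            return False
        expected = token_response(secret, challenge)
        # Constant-time comparison of the two calculated values.
        return hmac.compare_digest(expected.encode(), response.encode())


def demo() -> dict[str, bool]:
    key = b"constructed-demo-secret"  # constructed sample secret
    server = AuthServer({"alice": key})
    first = token_response(key, server.issue_challenge("alice"))
    results = {"valid": server.verify("alice", first)}
    results["replay_no_challenge"] = server.verify("alice", first)
    server.issue_challenge("alice")  # new login attempt, new random value
    results["replay_new_challenge"] = server.verify("alice", first)
    wrong = token_response(b"other-secret", server.issue_challenge("alice"))
    results["wrong_secret"] = server.verify("alice", wrong)
    return results


if __name__ == "__main__":
    print(demo())
```

Because the server picks a new random challenge for every attempt, a response captured in transit is useless for a later login, which is the replay case the man-in-the-middle paragraph describes.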

