
ISC Certification Dumps SSCP Exam for Full Questions - Exam Study Guide
NEW QUESTION # 152
Which of the following is the primary security feature of a proxy server?
- A. URL blocking
- B. Content filtering
- C. Route blocking
- D. Virus Detection
Answer: B
Explanation:
In many organizations the HTTP proxy is the place where content filtering is implemented, for instance by logging or blocking traffic that has been defined as, or is assumed to be, non-business related.
Although filtering on a proxy server or firewall as part of a layered defense can be quite effective at preventing, for instance, virus infections (though it should never be the only protection against viruses), it will be only moderately effective at preventing access to unauthorized services (such as certain remote-access services or file sharing) and at preventing the download of unwanted content.
HTTP Tunneling
HTTP tunneling is technically a misuse of the protocol on the part of the designer of such tunneling applications. It became popular with the rise of the first streaming video and audio applications and has been built into many applications that have a market need to bypass user policy restrictions.
Usually, HTTP tunneling is applied by encapsulating outgoing traffic from an application in an HTTP request and incoming traffic in a response. This is usually not done to circumvent security, but rather to be compatible with existing firewall rules and to allow an application to function through a firewall without the need for special rules or additional configuration.
The following are incorrect choices:
Virus Detection: a proxy is not the best place to detect malware and viruses within content; an antivirus product would be used for that purpose.
URL blocking: this is a subset of content filtering. Based on the content, some URLs may be blocked by the proxy, but the proxy is not filtering on URL addresses only. This is not the BEST answer.
Route blocking: this is a function of intrusion detection and intrusion prevention systems, and of filtering devices such as firewalls and routers, not of a proxy. Again, not the best choice.
NEW QUESTION # 153
Which of the following answers is described as a random value used in cryptographic algorithms to ensure that patterns are not created during the encryption process?
- A. Ciphertext
- B. Stream Cipher
- C. IV - Initialization Vector
- D. OTP - One Time Pad
Answer: C
Explanation:
The basic power in cryptography is randomness. This uncertainty is why encrypted data is unusable to someone without the key to decrypt it.
Initialization vectors are used together with encryption keys to add an extra layer of randomness to encrypted data. If no IV is used, patterns in the plaintext carry over into the ciphertext: an implementation such as DES in Electronic Codebook (ECB) mode encrypts identical plaintext blocks to identical ciphertext blocks and so exposes the ciphertext to frequency analysis.
In cryptography, an initialization vector (IV) or starting variable (SV) is a fixed-size input to a cryptographic primitive that is typically required to be random or pseudorandom. Randomization is crucial for encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message. For block ciphers, the use of an IV is described by so-called modes of operation. Randomization is also required for other primitives, such as universal hash functions and message authentication codes based thereon.
TechTarget defines it as:
An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption. This number, also called a nonce, is employed only one time in any session.
The use of an IV prevents repetition in data encryption, making it more difficult for a hacker using a dictionary attack to find patterns and break a cipher. For example, a sequence might appear twice or more within the body of a message. If there are repeated sequences in encrypted data, an attacker could assume that the corresponding sequences in the message were also identical. The IV prevents the appearance of corresponding duplicate character sequences in the ciphertext.
Note that the exact requirement on the IV depends on the mode of operation: a nonce only has to be unique under a given key, whereas CBC mode requires an IV that is unpredictable to the attacker, and reusing an IV with the same key leaks whether two messages (or their leading blocks) are identical.
The following answers are incorrect:
- Stream Cipher: this isn't correct. A stream cipher is a symmetric key cipher in which plaintext digits are combined with a pseudorandom key stream to produce ciphertext.
- OTP - One Time Pad: this isn't correct, although an OTP is made up of random values used as key material (the encryption key). It is considered by most to be unbreakable, but the key must be replaced after each use, which makes it impractical for common use.
- Ciphertext: incorrect. Ciphertext is simply text that has been encrypted with key material (an encryption key).
The following reference(s) were used to create this question:
Holistic Computer Based Tutorial (CBT) at http://www.cccure.tv (which also covers other questions of the Security+ CBK), whatis.techtarget.com/definition/initialization-vector-IV and en.wikipedia.org/wiki/Initialization_vector
NEW QUESTION # 154
Of the following, which is NOT a specific loss criteria that should be considered while developing a BIA?
- A. Loss in profits
- B. Loss in reputation
- C. Loss in revenue
- D. Loss of skilled workers knowledge
Answer: D
Explanation:
Although a loss of skilled workers' knowledge would cause the company a great loss, it is not identified as a specific loss criterion. It would fall under one of the three other criteria listed as distractors.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter
9: Disaster Recovery and Business continuity (page 598).
NEW QUESTION # 155
Which of the following statements pertaining to Kerberos is TRUE?
- A. Kerberos cannot address confidentiality of information
- B. Kerberos does not make use of Symmetric Keys
- C. Kerberos does not address availability
- D. Kerberos does not address integrity
Answer: C
Explanation:
Section: Access Control
The question was asking for a TRUE statement and the only correct statement is "Kerberos does not address availability".
Kerberos addresses the confidentiality and integrity of information. It does not directly address availability.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 42).
NEW QUESTION # 156
Which of the following is NOT an encryption method used by VPNs (Virtual Private Networks)?
- A. L2F - Layer 2 Forwarding
- B. L2TP - Layer 2 Tunneling Protocol
- C. SSH - Secure Shell
- D. PPTP - Point to Point Tunneling Protocol
- E. All of the above are encryption methods used by VPNs
- F. IPSEC - IP Security
Answer: E
Explanation:
This is the answer the exam expects, but note that the listed protocols differ in what they actually encrypt. L2F and L2TP are tunneling protocols that provide no encryption of their own and are normally run over IPsec (L2TP/IPsec); PPTP relies on MPPE for its encryption; SSH and IPsec encrypt the traffic themselves.
NEW QUESTION # 157
What does it mean to say that sensitivity labels are "incomparable"?
- A. The number of classification in the two labels is different.
- B. Neither label contains all the classifications of the other.
- C. the number of categories in the two labels are different.
- D. Neither label contains all the categories of the other.
Answer: D
Explanation:
If a category is present in one label and absent from the other, there is nothing to compare it against. Two sensitivity labels are incomparable when each contains a category the other lacks: "Because neither label contains all the categories of the other, the labels can't be compared. They're said to be incomparable."
COMPARABILITY
The label:
TOP SECRET [VENUS ALPHA]
is "higher" than either of the labels:
SECRET [VENUS ALPHA]
TOP SECRET [VENUS]
But you can't really say that the label:
TOP SECRET [VENUS]
is higher than the label:
SECRET [ALPHA]
Because neither label contains all the categories of the other, the labels can't be compared. They're said to be incomparable. In a mandatory access control system, you won't be allowed access to a file whose label is incomparable to your clearance.
The Multilevel Security policy uses an ordering relationship between labels known as the dominance relationship. Intuitively, we think of a label that dominates another as being "higher" than the other.
Similarly, we think of a label that is dominated by another as being "lower" than the other. The dominance relationship is used to determine permitted operations and information flows.
DOMINANCE
The dominance relationship is determined by the ordering of the Sensitivity/Clearance component of the label and the intersection of the set of Compartments.
Sample sensitivity/clearance orderings are:
Top Secret > Secret > Confidential > Unclassified
s3 > s2 > s1 > s0
Formally, for label one to dominate label two, both of the following must be true:
The sensitivity/clearance of label one must be greater than or equal to the sensitivity/clearance of label two.
The intersection of the compartments of label one and label two must equal the compartments of label two.
Additionally:
Two labels are said to be equal if their sensitivity/clearance and set of compartments are exactly equal.
Note that dominance includes equality.
One label is said to strictly dominate the other if it dominates the other but is not equal to the other.
Two labels are said to be incomparable if each label has at least one compartment that is not included in the other's set of compartments.
The dominance relationship will produce a partial ordering over all possible MLS labels, resulting in what is known as the MLS Security Lattice.
The following answers are incorrect:
The number of classifications in the two labels is different. Incorrect because the categories are what is being compared, not the classifications.
Neither label contains all the classifications of the other. Incorrect because the categories are what is being compared, not the classifications.
The number of categories in the two labels is different. Incorrect because two labels with different numbers of categories can still be comparable: if every category of one label is also in the other (for example TOP SECRET [VENUS ALPHA] and TOP SECRET [VENUS]), the larger label dominates the smaller one.
Reference(s) used for this question:
OReilly - Computer Systems and Access Control (Chapter 3)
http://www.oreilly.com/catalog/csb/chapter/ch03.html
and
http://rubix.com/cms/mls_dom
NEW QUESTION # 158
What is the length of an MD5 message digest?
- A. 256 bits
- B. varies depending upon the message size.
- C. 160 bits
- D. 128 bits
Answer: D
Explanation:
A hash algorithm (alternatively, hash "function") takes binary data, called the message, and produces a condensed representation, called the message digest. A cryptographic hash algorithm is a hash algorithm that is designed to achieve certain security properties. Federal Information Processing Standard 180-3, Secure Hash Standard, specifies five cryptographic hash algorithms, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512, for federal use in the US; the standard was also widely adopted by the information technology industry and commercial companies.
The MD5 Message-Digest Algorithm is a widely used cryptographic hash function that produces a 128-bit (16-byte) hash value regardless of the length of the input. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check data integrity. MD5 was designed by Ron Rivest in 1991 to replace an earlier hash function, MD4. An MD5 hash is typically expressed as a 32-digit hexadecimal number.
However, it has since been shown that MD5 is not collision resistant; as such, MD5 is not suitable for applications like SSL certificates or digital signatures that rely on this property. In 1996, a flaw was found in the design of MD5, and while it was not a clearly fatal weakness, cryptographers began recommending the use of other algorithms, such as SHA-1 (which has since also been found to be vulnerable). In 2004, more serious flaws were discovered in MD5, making further use of the algorithm for security purposes questionable; specifically, a group of researchers described how to create a pair of files that share the same MD5 checksum. Further advances were made in breaking MD5 in 2005, 2006 and 2007. In December 2008, a group of researchers used this technique to forge a valid SSL certificate, and US-CERT now says that MD5 "should be considered cryptographically broken and unsuitable for further use." Most U.S. government applications now require the SHA-2 family of hash functions.
NIST CRYPTOGRAPHIC HASH PROJECT
NIST announced a public competition in a Federal Register Notice on November 2, 2007 to develop a new cryptographic hash algorithm, called SHA-3, for standardization. The competition was NIST's response to advances made in the cryptanalysis of hash algorithms.
NIST received sixty-four entries from cryptographers around the world by October 31, 2008, and selected fifty-one first-round candidates in December 2008, fourteen second-round candidates in July 2009, and five finalists (BLAKE, Grøstl, JH, Keccak and Skein) in December 2010 to advance to the third and final round of the competition.
Throughout the competition, the cryptographic community provided an enormous amount of feedback. Most of the comments were sent to NIST and a public hash forum; in addition, many of the cryptanalysis and performance studies were published as papers in major cryptographic conferences or leading cryptographic journals. NIST also hosted a SHA-3 candidate conference in each round to obtain public feedback. Based on the public comments and internal review of the candidates, NIST announced Keccak as the winner of the SHA-3 Cryptographic Hash Algorithm Competition on October 2, 2012, ending the five-year competition.
Reference:
Tipton, Harold, et al., Official (ISC)2 Guide to the CISSP CBK, 2007 edition, page 261.
and
https://secure.wikimedia.org/wikipedia/en/wiki/Md5
and http://csrc.nist.gov/groups/ST/hash/sha-3/index.html
NEW QUESTION # 159
Which of the following is NOT a fundamental component of an alarm in an intrusion detection system?
- A. Enunciator
- B. Sensor
- C. Response
- D. Communications
Answer: C
Explanation:
Response is the correct choice. A response would essentially be the action that is taken once an alarm has been produced by an IDS, but is not a fundamental component of the alarm.
The following are incorrect answers:
Communications is the component of an alarm that delivers alerts through a variety of channels such as email, pagers, instant messages and so on.
An Enunciator is the component of an alarm that uses business logic to compose the content and format of an alert and determine the recipients of that alert.
A sensor is a fundamental component of IDS alarms. A sensor detects an event and produces an appropriate notification.
Domain: Access Control
Reference:
Official guide to the CISSP CBK. page 203.
NEW QUESTION # 160
What does the simple security (ss) property mean in the Bell-LaPadula model?
- A. No read down
- B. No read up
- C. No write down
- D. No write up
Answer: B
Explanation:
The ss (simple security) property of the Bell-LaPadula access control model states that reading of information by a subject at a lower sensitivity level from an object at a higher sensitivity level is not permitted (no read up). Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 5: Security Architectures and Models (page 202).
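The dominance relation and the incomparable case from Question 157, together with the "no read up" rule from this question, as an added example that is not code from the cited references. Labels are parsed from the page's own notation (TOP SECRET [VENUS ALPHA]); the level ordering, the compartment test and the simple security check are as stated on the page. The *-property ("no write down"), the companion Bell-LaPadula rule that the page does not discuss, is included for completeness; the class and function names are assumptions of this example.

```python
from dataclasses import dataclass
from typing import FrozenSet

# Sensitivity ordering from the page: Top Secret > Secret > Confidential > Unclassified
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Both conditions from the page: level >= other's level, and the intersection of the
        # compartment sets equals the other's set (i.e. ours is a superset of theirs).
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments & other.compartments == other.compartments)

    def strictly_dominates(self, other: "Label") -> bool:
        # Dominance includes equality; strict dominance excludes it.
        return self.dominates(other) and self != other

    def incomparable(self, other: "Label") -> bool:
        # Neither label dominates the other. This covers the page's case (each label has a
        # compartment the other lacks) and, more generally, any pair not ordered in the lattice.
        return not self.dominates(other) and not other.dominates(self)


def parse_label(text: str) -> Label:
    # "TOP SECRET [VENUS ALPHA]" -> Label("TOP SECRET", {"VENUS", "ALPHA"})
    name, _, rest = text.partition("[")
    comps = rest.rstrip("]").split() if rest else []
    level = name.strip().upper()
    if level not in LEVELS:
        raise ValueError(f"unknown sensitivity level: {level!r}")
    return Label(level, frozenset(c.upper() for c in comps))


def can_read(subject: Label, obj: Label) -> bool:
    # Bell-LaPadula simple security (ss) property, "no read up":
    # the subject's clearance must dominate the object's label.
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    # Bell-LaPadula *-property, "no write down" (not on the page, added for completeness):
    # the object's label must dominate the subject's clearance.
    return obj.dominates(subject)


if __name__ == "__main__":
    ts_venus_alpha = parse_label("TOP SECRET [VENUS ALPHA]")
    secret_alpha = parse_label("SECRET [ALPHA]")
    ts_venus = parse_label("TOP SECRET [VENUS]")
    print("TS[VENUS ALPHA] dominates TS[VENUS]:", ts_venus_alpha.dominates(ts_venus))
    print("TS[VENUS] vs S[ALPHA] incomparable:", ts_venus.incomparable(secret_alpha))
    print("TS[VENUS] clearance may read S[ALPHA] file:", can_read(ts_venus, secret_alpha))
```

The last line is the mandatory access control consequence the page spells out: a Top Secret clearance with only the VENUS compartment is refused a Secret file in the ALPHA compartment, because the clearance does not dominate the label even though its level is higher.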
NEW QUESTION # 161
What can be defined as an event that could cause harm to the information systems?
- A. A risk
- B. A vulnerability
- C. A weakness
- D. A threat
Answer: D
Explanation:
Section: Risk, Response and Recovery
A threat is an event or activity that has the potential to cause harm to the information systems. A risk is the probability that a threat will materialize. A vulnerability, or weakness, is a lack of a safeguard, which may be exploited by a threat, causing harm to the information systems.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 1: Access Control Systems (page 32).
NEW QUESTION # 162
What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account?
- A. Salami techniques
- B. Data diddling
- C. Data fiddling
- D. Trojan horses
Answer: A
NEW QUESTION # 163
Which of the following is most likely to be useful in detecting intrusions?
- A. Information security policies
- B. Audit trails
- C. Access control lists
- D. Security labels
Answer: B
Explanation:
Section: Analysis and Monitoring
If audit trails have been properly defined and implemented, they will record information that can assist in detecting intrusions.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter 4:
Access Control (page 186).
NEW QUESTION # 164
Network cabling comes in three flavors, they are:
- A. twisted pair, control, and fiber optic.
- B. tagged pair, coaxial, and fiber optic.
- C. twisted pair, coaxial, and fiber optic.
- D. trusted pair, coaxial, and fiber optic.
Answer: C
Explanation:
Network cabling comes in three flavors: twisted pair, coaxial, and fiber optic.
Twisted pair
Twisted pair cabling is a form of wiring in which two wires (the forward and return conductors of a single circuit) are twisted together for the purpose of canceling out electromagnetic interference (EMI) from external sources. This type of cable is used for home and corporate Ethernet networks. Twisted pair cables consist of pairs of insulated copper wires. There are three types of twisted pair cable: shielded (STP), unshielded (UTP) and foil-screened (FTP).
Fiber optic cable
An optical fiber cable consists of a center glass core surrounded by several layers of protective material. The outer insulating jacket is made of Teflon or PVC. Fiber is more expensive, but it is immune to EMI, has higher bandwidth and can carry data over longer distances.
Coaxial cable
Coaxial lines confine the electromagnetic wave to the area inside the cable, between the center conductor and the shield. The transmission of energy in the line occurs totally through the dielectric inside the cable between the conductors. Coaxial lines can therefore be bent and twisted (subject to limits) without negative effects, and they can be strapped to conductive supports without inducing unwanted currents in them.
The most common use for coaxial cable is for television and other signals with bandwidth of multiple megahertz. Although in most homes coaxial cable has been installed for transmission of TV signals, new technologies (such as the ITU-T G.hn standard) open the possibility of using home coaxial cable for high-speed home networking applications (Ethernet over coax).
See the following page for more details: http://fcit.usf.edu/network/chap4/chap4.htm
Reference used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 101. and Wikipedia at http://en.wikipedia.org/wiki/Networking_cables
NEW QUESTION # 165
What can be best defined as the examination of threat sources against system vulnerabilities to determine the threats for a particular system in a particular operational environment?
- A. Threat analysis
- B. Risk analysis
- C. Due diligence
- D. Risk management
Answer: A
Explanation:
Threat analysis is the examination of threat sources against system vulnerabilities to determine the threats for a particular system in a particular operational environment.
The following answers are incorrect:
Risk analysis is the process of identifying the risks to system security and determining the probability of occurrence, the resulting impact, and the additional safeguards that mitigate this impact.
Risk analysis is synonymous with risk assessment and is part of risk management, which is the ongoing process of assessing the risk to mission/business as part of a risk-based approach used to determine adequate security for a system by analyzing the threats and vulnerabilities and selecting appropriate, cost-effective controls to achieve and maintain an acceptable level of risk.
Due diligence is identifying possible risks that could affect a company, based on best practices and standards.
Reference(s) used for this question:
STONEBURNER, Gary & al, National Institute of Standards and Technology (NIST), NIST Special Publication 800-27, Engineering Principles for Information Technology Security (A Baseline for Achieving Security), June 2001 (page B-3).
NEW QUESTION # 166
Of the reasons why a Disaster Recovery plan gets outdated, which of the following is not true?
- A. Large plans can take a lot of work to maintain
- B. Personnel turnover
- C. Continuous auditing makes a Disaster Recovery plan irrelevant
- D. Infrastructure and environment changes
Answer: C
Explanation:
Section: Risk, Response and Recovery
Although auditing is a part of corporate security, it in no way supersedes the requirement for a disaster recovery plan. All of the other choices are reasons a plan goes out of date.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 9:
Disaster Recovery and Business continuity (page 609).
NEW QUESTION # 167
Another name for a VPN is a:
- A. bypass
- B. pipeline
- C. tunnel
- D. one-time password
Answer: C
NEW QUESTION # 168
Which of the following is an advantage that UDP has over TCP?
- A. UDP is faster than TCP.
- B. UDP is connection-oriented whereas TCP is not.
- C. UDP makes a better effort to deliver packets.
- D. UDP is more reliable than TCP.
Answer: A
Explanation:
UDP is a scaled-down version of TCP. It is used like TCP, but offers only "best effort" delivery. It is connectionless, does not offer error correction, does not sequence the packet segments, and is less reliable than TCP, but because of its lower overhead it provides faster transmission than TCP.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page
86).
NEW QUESTION # 169
Which type of control is concerned with avoiding occurrences of risks?
- A. Compensating controls
- B. Deterrent controls
- C. Preventive controls
- D. Detective controls
Answer: C
Explanation:
Section: Access Control
Preventive controls are concerned with avoiding occurrences of risks, while deterrent controls are concerned with discouraging violations. Detective controls identify occurrences, and compensating controls are alternative controls used to compensate for weaknesses in other controls. Supervision is an example of a compensating control.
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
NEW QUESTION # 170
Which one of the following statements about the advantages and disadvantages of network-based intrusion detection systems is true?
- A. Most network-based IDSs can automatically indicate whether or not an attack was successful.
- B. Network-based IDSs are not vulnerable to attacks.
- C. Network-based IDSs are well suited for modern switch-based networks.
- D. The deployment of network-based IDSs has little impact upon an existing network.
Answer: D
Explanation:
Network-based IDSs are usually passive devices that listen on a network wire without interfering with the normal operation of the network. Thus, it is usually easy to retrofit a network to include network-based IDSs with minimal effort.
"Network-based IDSs are not vulnerable to attacks" is not true. Even though a network-based IDS can be made very secure against attack, and even invisible to many attackers, it still has to parse every packet it sees, and a well-crafted packet can exploit or crash the capture engine.
"Network-based IDSs are well suited for modern switch-based networks" is not true, as most switches do not provide universal monitoring ports, which limits the monitoring range of a network-based IDS sensor to a single host. Even when switches provide such monitoring ports, often the single port cannot mirror all traffic traversing the switch.
"Most network-based IDSs can automatically indicate whether or not an attack was successful" is not true, as most network-based IDSs cannot tell whether an attack succeeded; they can only discern that an attack was initiated. This means that after a network-based IDS detects an attack, administrators must manually investigate each attacked host to determine whether it was indeed penetrated.
NEW QUESTION # 171
Out of the steps listed below, which one is not one of the steps conducted during the Business Impact Analysis (BIA)?
- A. Create data-gathering techniques
- B. Identify the company's critical business functions
- C. Alternate site selection
- D. Select individuals to interview for data gathering
Answer: C
Explanation:
Selecting an alternate site would not be done within the initial BIA. It would be done at a later stage of the BCP and DRP effort. All of the other choices are steps that would be conducted during the BIA; see the list of BIA steps below.
A BIA (business impact analysis) is considered a functional analysis, in which a team collects data through interviews and documentary sources; documents business functions, activities, and transactions; develops a hierarchy of business functions; and finally applies a classification scheme to indicate each individual function's criticality level.
BIA Steps
1.Select individuals to interview for data gathering.
2.Create data-gathering techniques (surveys, questionnaires, qualitative and quantitative approaches).
3.Identify the company's critical business functions.
4.Identify the resources these functions depend upon.
5.Calculate how long these functions can survive without these resources.
6.Identify vulnerabilities and threats to these functions.
7.Calculate the risk for each different business function.
8.Document findings and report them to management.
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 905-909).
McGraw-Hill. Kindle Edition.
NEW QUESTION # 172
What is called an attack where the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so it seems to have originated at the victim's system, in order to flood it with REPLY packets?
- A. Denial of Service (DOS) attack
- B. SYN Flood attack
- C. Smurf attack
- D. Ping of Death attack
Answer: C
Explanation:
Section: Network and Telecommunications
Although it may cause a denial of service to the victim's system, this type of attack is a Smurf attack. A SYN Flood attack uses up all of a system's resources by setting up a number of bogus communication sockets on the victim's system. A Ping of Death attack is done by sending IP packets that exceed the maximum legal length (65535 octets).
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 11:
Application and System Development (page 789).
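Detection logic for the attack described above, as an added example that is not part of the original page or of the cited reference. The one-line-per-packet summary format and the sample lines are constructed for this example; the /24 directed-broadcast assumption (destination addresses ending in .255) and the threshold of five distinct repliers within a one-second window are assumptions, not values from the page. Two signals are flagged: an echo request addressed to a broadcast address (the amplifier network being abused, with the spoofed victim as the claimed source) and a host receiving echo replies from many distinct sources in one window while having sent fewer requests than replies received (the victim being flooded).

```python
from collections import defaultdict
from typing import Dict, List, Set, Tuple

# Constructed packet summaries, one per line: "HH:MM:SS.mmm src dst icmp-type".
# Made-up sample traffic for this example, not a real capture.
SAMPLE_LINES = [
    "10:00:00.000 10.0.0.5 10.0.0.9 echo-request",            # benign ping
    "10:00:00.002 10.0.0.9 10.0.0.5 echo-reply",
    "10:00:01.000 203.0.113.7 198.51.100.255 echo-request",   # spoofed source = victim, sent to broadcast
    "10:00:01.011 198.51.100.1 203.0.113.7 echo-reply",       # every live host on the /24 answers the victim
    "10:00:01.012 198.51.100.2 203.0.113.7 echo-reply",
    "10:00:01.012 198.51.100.3 203.0.113.7 echo-reply",
    "10:00:01.013 198.51.100.4 203.0.113.7 echo-reply",
    "10:00:01.014 198.51.100.5 203.0.113.7 echo-reply",
    "10:00:01.015 198.51.100.6 203.0.113.7 echo-reply",
]


def parse(line: str) -> Tuple[float, str, str, str]:
    # Returns (seconds since midnight, src, dst, icmp-type).
    ts, src, dst, kind = line.split()
    h, m, s = ts.split(":")
    return int(h) * 3600 + int(m) * 60 + float(s), src, dst, kind


def is_broadcast(addr: str) -> bool:
    # Assumption for this example: /24 networks, so a directed broadcast ends in .255.
    return addr.endswith(".255")


def detect_smurf(lines: List[str], threshold: int = 5, window: float = 1.0) -> List[Dict]:
    alerts: List[Dict] = []
    # (reply destination, time bucket) -> distinct hosts that replied in that bucket
    reply_sources: Dict[Tuple[str, int], Set[str]] = defaultdict(set)
    requests_sent: Dict[str, int] = defaultdict(int)

    for line in lines:
        ts, src, dst, kind = parse(line)
        if kind == "echo-request":
            requests_sent[src] += 1
            if is_broadcast(dst):
                # The amplification step: one request to a broadcast address, many replies.
                alerts.append({"type": "broadcast-echo-request", "amplifier": dst,
                               "claimed_src": src, "ts": ts})
        elif kind == "echo-reply":
            reply_sources[(dst, int(ts // window))].add(src)

    for (dst, bucket), sources in reply_sources.items():
        # Many distinct hosts answering one address that sent fewer requests than it is
        # receiving replies: that address is the spoofed victim, not a host running ping.
        if len(sources) >= threshold and requests_sent[dst] < len(sources):
            alerts.append({"type": "smurf-victim", "victim": dst,
                           "distinct_repliers": len(sources), "window_start": bucket * window})
    return alerts


if __name__ == "__main__":
    for alert in detect_smurf(SAMPLE_LINES):
        print(alert)
```

The benign ping in the first two lines produces nothing: one reply from one host, to an address that itself sent a request. The broadcast-request rule fires on the amplifier side (where egress filtering and disabling directed broadcasts are the fixes), and the victim rule fires on the target side, where the only evidence is a burst of replies to requests it never sent.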
NEW QUESTION # 173
Access Control techniques do not include which of the following?
- A. Rule-Based Access Controls
- B. Mandatory Access Control
- C. Role-Based Access Control
- D. Random Number Based Access Control
Answer: D
Explanation:
Access control techniques include:
- Discretionary Access Control
- Mandatory Access Control
- Lattice Based Access Control
- Rule-Based Access Control
- Role-Based Access Control
Source: DUPUIS, Clement, Access Control Systems and Methodology, Version 1, May 2002, CISSP Open Study Group Study Guide for Domain 1, Page 13.
NEW QUESTION # 174
_____________ states that users should only be given enough access to accomplish their jobs.
- A. All of the listed items are correct
- B. Concept of Least Privilege
- C. Separation of Duties
- D. Due Diligence
Answer: B
NEW QUESTION # 175
Which of the following protects a password from eavesdroppers and supports the encryption of communication?
- A. Challenge Handshake Identification Protocol (CHIP)
- B. Challenge Handshake Encryption Protocol (CHEP)
- C. Challenge Handshake Substitution Protocol (CHSP)
- D. Challenge Handshake Authentication Protocol (CHAP)
Answer: D
Explanation:
CHAP is a protocol that uses a three-way handshake. The server sends the client a challenge that includes a random value (a nonce) to thwart replay attacks. The client responds with an MD5 hash computed over the challenge identifier, the shared secret (password) and the challenge value, as specified in RFC 1994; the password itself never crosses the wire.
The authentication is successful if the client's response is the one the server expected.
Reference: Page 450, OIG 2007.
CHAP protects the password from eavesdroppers and supports the encryption of communication.
Reference: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 44.
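The three-way handshake described above as a runnable exchange between both sides, added here as an example that is not part of the original page or of the cited references. The hash input follows RFC 1994 (Identifier, then the secret, then the Challenge Value); the class and function names, the 16-byte challenge length and the replay scenario are assumptions of this example. It also shows why the nonce matters: a response captured by an eavesdropper fails against the next challenge, and a wrong secret fails outright.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Tuple


@dataclass(frozen=True)
class Challenge:
    identifier: int   # CHAP Identifier field (one byte); ties a response to this challenge
    value: bytes      # random Challenge Value: the nonce that defeats replay


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # RFC 1994, section 2.2: Response Value = MD5(Identifier || secret || Challenge Value).
    # Only this 16-byte hash crosses the link; the secret never does.
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Server side: issues challenges and checks responses."""

    def __init__(self, secrets: Dict[str, bytes]):
        # CHAP needs the secret in recoverable form on the server (a known drawback of the protocol).
        self._secrets = secrets
        self._outstanding: Dict[str, Challenge] = {}
        self._next_id = 0

    def challenge(self, peer: str) -> Challenge:
        self._next_id = (self._next_id + 1) % 256
        ch = Challenge(self._next_id, os.urandom(16))   # fresh random nonce every time (16 bytes assumed)
        self._outstanding[peer] = ch
        return ch

    def verify(self, peer: str, identifier: int, response: bytes) -> bool:
        # Each challenge is consumed on first use, so a captured response cannot be replayed
        # against it, and a later challenge carries a different nonce anyway.
        ch = self._outstanding.pop(peer, None)
        if ch is None or ch.identifier != identifier or peer not in self._secrets:
            return False
        expected = chap_response(identifier, self._secrets[peer], ch.value)
        return hmac.compare_digest(expected, response)   # constant-time comparison


class ChapPeer:
    """Client side: answers a challenge using the shared secret."""

    def __init__(self, name: str, secret: bytes):
        self.name, self._secret = name, secret

    def respond(self, ch: Challenge) -> Tuple[str, int, bytes]:
        return self.name, ch.identifier, chap_response(ch.identifier, self._secret, ch.value)


def run_handshake(server: ChapAuthenticator, client: ChapPeer) -> Tuple[bool, Challenge, bytes]:
    # 1. Challenge  2. Response  3. Success/Failure.
    # Returns the outcome plus the two values an eavesdropper on the link would see.
    ch = server.challenge(client.name)
    name, ident, resp = client.respond(ch)
    return server.verify(name, ident, resp), ch, resp


def replay_attack(server: ChapAuthenticator, victim: str, captured_response: bytes) -> bool:
    # An attacker who sniffed an earlier response submits it against a brand-new challenge.
    ch = server.challenge(victim)            # new nonce, different from the one that was sniffed
    return server.verify(victim, ch.identifier, captured_response)


if __name__ == "__main__":
    # Constructed demo secret; not a real credential.
    server = ChapAuthenticator({"alice": b"correct horse battery staple"})
    ok, ch, resp = run_handshake(server, ChapPeer("alice", b"correct horse battery staple"))
    print("legitimate peer authenticated:", ok)
    print("sniffed response replayed later:", replay_attack(server, "alice", resp))
    print("wrong secret:", run_handshake(server, ChapPeer("alice", b"guess"))[0])
```

The eavesdropper sees the challenge and a 16-byte MD5 digest but never the password, which is the property the question asks about. What CHAP does not do is hide the secret from an offline guess: anyone holding a captured (identifier, challenge, response) triple can test candidate passwords at MD5 speed, so the strength of the secret still matters.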
NEW QUESTION # 176