CompTIA Security Plus Mock Test Q864

Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?

A. PAP, MSCHAPv2
B. CHAP, PAP
C. MSCHAPv2, NTLMv2
D. NTLM, NTLMv2


Correct Answer: A
Section: Access Control and Identity Management

Explanation:
PAP transmits the username and password to the authentication server in plain text.
MSCHAPv2 is utilized as an authentication option for RADIUS servers that are used for Wi-Fi security using the WPA-Enterprise protocol.

Incorrect Answers:
B, C: The scenario mentions that passwords between the RADIUS server and the authenticator are transmitted in clear text. Then the first part of the question asks what is configured
for the RADIUS server. The first part of these two options is CHAP and MSCHAPv2, which do not transmit in clear text.
D: NTLM is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 139
http://en.wikipedia.org/wiki/MS-CHAP
http://en.wikipedia.org/wiki/NT_LAN_Manager