CompTIA Security Plus Mock Test Q921

An organization has introduced token-based authentication to system administrators due to risk of password compromise. The tokens have a set of numbers that automatically change every 30 seconds. Which of the following type of authentication mechanism is this?

A. TOTP
B. Smart card
C. CHAP
D. HOTP


Correct Answer: A
Section: Access Control and Identity Management

Explanation:
Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. In this case, it’s every 30 seconds.

Incorrect Answers:
B: A smart card is sometimes referred to as an identity token containing integrated circuits. It does not generate passwords based on time.
C: The Challenge-Handshake Authentication Protocol (CHAP) is used primarily over dial-up connections to provide a secure transport mechanism for logon credentials. It does not
generate passwords based on time.
D: HMAC-based one-time password (HOTP) tokens are devices that generate passwords based on a nonrepeating one-way function.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 282,283