CompTIA Security Plus Mock Test Q922

A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend?

A. CHAP
B. TOTP
C. HOTP
D. PAP


Correct Answer: B
Section: Access Control and Identity Management

Explanation
Explanation/Reference:
Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. Therefore, the password will only be valid for a predefined
time interval.

Incorrect Answers:
A: The Challenge-Handshake Authentication Protocol (CHAP) is used primarily over dial-up connections to provide a secure transport mechanism for logon credentials.
C: HMAC-based one-time password (HOTP) tokens are devices that generate passwords based on a nonrepeating one-way function. It is not restricted to time.
D: PAP allows for two entities to share a password in advance and use the password as the basis of authentication. It is not dependant on time.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 282, 283
http://en.wikipedia.org/wiki/Password_authentication_protocol#Working_cycle