CompTIA Security Plus Mock Test Q1056

Which of the following offers the LEAST secure encryption capabilities?

A. TwoFish
B. PAP
C. NTLM
D. CHAP


Correct Answer: B
Section: Cryptography

Explanation:
PAP transmits unencrypted ASCII passwords over the network and is therefore considered insecure. It is used as a last resort when the remote server does not support a stronger
authentication protocol, like CHAP or EAP.

Incorrect Answers:
A: TwoFish provides stronger encryption compared to NTLM, CHAP and PAP. TwoFish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits.
TwoFish is related to the earlier block cipher Blowfish.
C: NTLM provides stronger encryption compared to CHAP and PAP. NT LAN Manager (NTLM) is a suite of Microsoft security protocols that provides authentication, integrity, and
confidentiality to users. NTLM is being replaced by Kerberos.
D: CHAP provides a more secure encryption than PAP. CHAP provides protection against replay attacks by the peer through the use of an incrementally changing identifier and of a
variable challenge-value.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 139, 143, 251, 256