Which of the following would MOST effectively enhance the security of a challenge-response
based authentication system?

A. Selecting a more robust algorithm to generate challenge strings

B. Implementing measures to prevent session hijacking attacks

C. Increasing the frequency of associated password changes

D. Increasing the length of authentication strings

Challenge-response-based authentication is prone to session hijacking or man-in-the-middle
attacks. Security management should be aware of this and engage in risk assessment and control
design when they employ this technology. Selecting a more robust algorithm will enhance the
security; however, this may not be as important in terms of risk when compared to
man-in-the-middle attacks. Choices C and D are good security practices; however, they are not as
effective a preventive measure. Frequently changing passwords is a good security practice;
however, the exposures lurking in communication pathways may pose a greater risk.

