30 Dec Practice Test Question- Insecure Protocols
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Frank is reviewing the security of a customer environment and finds that they are using the Password Authentication Protocol on their network. What finding should Frank bring to the customer’s attention.
A. PAP is not compatible with non-Windows operating systems
B. PAP is commonly configured by attackers and this may be a sign that the network is compromised
C. PAP is an insecure protocol
D. No finding is necessary, as PAP is a commonly used secure protocol
Correct Answer: C
PAP is not compatible with non-Windows operating systems and PAP is commonly configured by attackers and this may be a sign that the network is compromised are incorrect answers in this scenario. This is because PAP does not provide any encryption capability and is, therefore, not considered a secure protocol.
Frank should recommend that his customer replace PAP with a secure alternative. This is the correct answer.
Interested in more practice test questions?
Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
No Comments