Systems Security Certified Practitioner – SSCP – Question0145
Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines? A. TACACS B. Call-back C. CHAP D. RADIUS
Correct Answer: B
Explanation:
Call-back allows for a distant user connecting into a system to be called back at a number already listed in a database of trusted users. The disadvantage of this system is that the user must be at a fixed location whose phone number is known to the authentication server. Being mobile workers, users are accessing the system from multiple locations, making call-back inappropriate for them. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 44).
Please disable your adblocker or whitelist this site!