{"id":107,"date":"2021-01-17T05:27:32","date_gmt":"2021-01-16T17:53:56","guid":{"rendered":"https:\/\/exampracticetests.com\/ISC\/SSCP\/systems-security-certified-practitioner-sscp-question0099\/"},"modified":"2021-01-17T05:43:48","modified_gmt":"2021-01-17T05:43:48","slug":"systems-security-certified-practitioner-sscp-question0099","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/ISC\/SSCP\/systems-security-certified-practitioner-sscp-question0099\/","title":{"rendered":"Systems Security Certified Practitioner &#8211; SSCP &#8211; Question0099"},"content":{"rendered":"<div class=\"question\">RADIUS incorporates which of the following services? <br \/><strong><br \/>A.<\/strong> Authentication server and PIN codes. <br \/><strong>B.<\/strong> Authentication of clients and static passwords generation. <br \/><strong>C.<\/strong> Authentication of clients and dynamic passwords generation. <br \/><strong>D.<\/strong> Authentication server as well as support for Static and Dynamic passwords.<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>D<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nA Network Access Server (NAS) operates as a client of RADIUS. The client is responsible for passing user information to designated RADIUS servers, and then acting on the response which is returned.<br \/>\nRADIUS servers are responsible for receiving user connection requests, authenticating the user, and then returning all configuration information necessary for the client to deliver service to the user.<br \/>\nRADIUS authentication is based on provisions of simple username\/password credentials. These credentials are encrypted by the client using a shared secret between the client and the RADIUS server. OIG 2007, Page 513<br \/>\nRADIUS incorporates an authentication server and can make uses of both dynamic and static passwords.<br \/>\nSince it uses the PAP and CHAP protocols, it also incluses static passwords. RADIUS is an Internet protocol. RADIUS carries authentication, authorization, and configuration information between a<br \/>\nNetwork Access Server and a shared Authentication Server. RADIUS features and functions are described primarily in the IETF (International Engineering Task Force) document RFC2138. The term &#8221; RADIUS&#8221; is an acronym which stands for Remote Authentication Dial In User Service. The main advantage to using a RADIUS approach to authentication is that it can provide a stronger form of authentication.<br \/>\nRADIUS is capable of using a strong, two-factor form of authentication, in which users need to possess both a user ID and a hardware or software token to gain access. Token-based schemes use dynamic passwords. Every minute or so, the token generates a unique 4-, 6-or 8-digit access number that is synchronized with the security server. To gain entry into the system, the user must generate both this one-time number and provide his or her user ID and password.<br \/>\nAlthough protocols such as RADIUS cannot protect against theft of an authenticated session via some realtime attacks, such as wiretapping, using unique, unpredictable authentication requests can protect against a wide range of active attacks. RADIUS: Key Features and Benefits Features Benefits<br \/>\nRADIUS supports dynamic passwords and challenge\/response passwords. Improved system security due to the fact that passwords are not static. It is much more difficult for a bogus host to spoof users into giving up their passwords or password-generation algorithms. RADIUS allows the user to have a single user ID and password for all computers in a network. Improved usability due to the fact that the user has to remember only one login combination. RADIUS is able to:<br \/>\nPrevent RADIUS users from logging in via login (or ftp). Require them to log in via login (or ftp) Require them to login to a specific network access server (NAS); Control access by time of day.<br \/>\nProvides very granular control over the types of logins allowed, on a per-user basis.<br \/>\nThe time-out interval for failing over from an unresponsive primary RADIUS server to a backup RADIUS server is site-configurable. RADIUS gives System Administrator more flexibility in managing which users can login from which hosts or devices. Stratus Technology Product Brief<br \/>\n<a href=\"http:\/\/www.stratus.com\/products\/vos\/openvos\/radius.htm\" title=\"External link\" rel=\"nofollow noopener\" target=\"_blank\">http:\/\/www.stratus.com\/products\/vos\/openvos\/radius.htm<\/a><br \/>\nSource: KRUTZ, Ronald L. &#038; VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley &#038; Sons, Pages 43, 44. Also check: MILLER, Lawrence &#038; GREGORY, Peter, CISSP for Dummies, 2002, Wiley Publishing, Inc., pages 45-46.<\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>RADIUS incorporates which of the following services? A. Authentication server and PIN codes. B. Authentication of clients and static passwords generation. C. Authentication of clients and dynamic passwords generation. D. Authentication server as well as support for Static and Dynamic passwords. Show Answer Hide Answer Correct Answer: D Explanation: A Network Access Server (NAS) operates [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[1078,102,3],"class_list":["post-107","post","type-post","status-publish","format-standard","hentry","category-systems-security-certified-practitioner-sscp","tag-choices","tag-question-0099","tag-systems-security-certified-practitioner-sscp"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/posts\/107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/comments?post=107"}],"version-history":[{"count":1,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/posts\/107\/revisions"}],"predecessor-version":[{"id":1183,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/posts\/107\/revisions\/1183"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/media?parent=107"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/categories?post=107"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/tags?post=107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}