Configuring a Dial-Up Connection: Ensuring Password Encryption | CISSP-ISSAP Exam Preparation

Which Protocols to Disable for Password Encryption during Remote Access?

Question

Mark has been hired by a company to work as a Network Assistant.

He is assigned the task to configure a dial-up connection.

He is configuring a laptop.

Which of the following protocols should he disable to ensure that the password is encrypted during remote access?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C.

The protocol that Mark should disable to ensure that the password is encrypted during remote access is PAP (Password Authentication Protocol).

PAP is an authentication protocol that transmits passwords in clear text format. This means that if someone intercepts the communication, they can easily read the password. Therefore, it is not secure to use PAP for remote access.

On the other hand, MSCHAP (Microsoft Challenge Handshake Authentication Protocol) and MSCHAP V2 (Microsoft Challenge Handshake Authentication Protocol version 2) are authentication protocols that encrypt the password during remote access. Therefore, it is recommended to use them instead of PAP.

SPAP (Shiva Password Authentication Protocol) is another authentication protocol that encrypts the password during remote access. However, it is not commonly used these days.

In summary, Mark should disable PAP and use either MSCHAP or MSCHAP V2 to ensure that the password is encrypted during remote access.