Cisco 200-105 Exam

Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose two.)

  • A. CHAP uses a two-way handshake.
  • B. CHAP uses a three-way handshake.
  • C. CHAP authentication periodically occurs after link establishment.
  • D. CHAP authentication passwords are sent in plaintext.
  • E. CHAP authentication is performed only upon link establishment.
  • F. CHAP has no protection from playback attacks.
Answer: Option B. C.
Explanation: 

Understanding and Configuring PPP CHAP Authentication
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a00800b4131.shtml
One-Way and Two-Way AuthenticationCHAP is defined as a one-way authentication method. However, you use CHAP in both directions to create a two-way authentication. Hence, with two-wayCHAP, a separate three-way handshake is initiated by each side. In the Cisco CHAP implementation, by default, the called party must authenticate the calling party (unless authentication is completely turned off). Therefore, a one-way authentication initiated by the called party is the minimum possible authentication. However, the calling party can also verify the identity of the called party, and this results in a two-way authentication. One-way authentication is often required when you connect to non-Cisco devices.

Leave a Reply

Your email address will not be published.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker
error: Alert: Content is protected !!