Which technology, in combination with PPPoE, can be used for authentication in this manner?

A network engineer has been asked to ensure that the PPPoE connection is established and authenticated using an encrypted password.

Which technology, in combination with PPPoE, can be used for authentication in this manner?
A . PAP
B . dot1x
C . IPsec
D . CHAP
E . ESP

Answer: D

Explanation:

With PPPoE, the two authentication options are PAP and CHAP. When CHAP is enabled on an interface and a remote device attempts to connect to it, the access server sends a CHAP packet to the remote device. The CHAP packet requests or “challenges” the remote device to respond. The challenge packet consists of an ID, a random number, and the host name of the local router. When the remote device receives the challenge packet, it concatenates the ID, the remote device’s password, and the random number, and then encrypts all of it using the remote device’s password. The remote device sends the results back to the access server, along with the name associated with the password used in the encryption process. When the access server receives the response, it uses the name it received to retrieve a password stored in its user database. The retrieved password should be the same password the remote device used in its encryption process. The access server then encrypts the concatenated information with the newly retrieved password ― if the result matches the result sent in the response packet, authentication succeeds.

The benefit of using CHAP authentication is that the remote device’s password is never transmittedin clear text (encrypted). This prevents other devices from stealing it and gaining illegal access to the ISP’s network.

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/ scfathen.html

Latest 300-101 Dumps Valid Version with 798 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments