Many access control systems rely upon password-based mechanisms to implement something you know. One of the common applications of password security is to secure virtual private networks and other remote access technologies. In this video, learn how password authentication works, including the CHAP and PAP protocols.
- [Instructor] Many access control systems…rely upon password-based mechanisms…to implement something-you-know security.…One of the most common applications of password security…is to secure virtual private networks…and other remote access technologies.…Let's take a look at the protocols used…to implement remote access password security.…The Password Authentication Protocol, or PAP,…is the earliest of these protocols.…In this protocol,…the client wishes to authenticate to a server,…and both the client and server know the user's password.…
The client simply transmits the username…and password to the server,…and the server validates the password.…That's about as simple as it gets…and successfully implements password authentication,…but there's one major flaw to this protocol.…PAP does not use any encryption…to protect this communication.…Anyone able to eavesdrop on the connection…can read the username and password right off the network.…For this reason, PAP should not be used,…except under circumstances where the transmission…
You can sign up for Mike's free study group at certmike.com, and find his study guides at the Sybex test prep site. To review the complete CISSP Body of Knowledge, visit https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A complete learning path will be available once all the courses are released.
- Identity and access management overview
- Identification mechanisms: user names, access cards, biometrics, and registration
- Authentication factors
- Password authentication protocols
- Identity as a service (IDaaS)
- Enforcing accountability
- Managing credentials with policies
- Using access control lists
- Defending against access control attacks
Skill Level Advanced
1. Identity and Access Management
5. Credential Management
7. Access Control Attacks
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.