New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSAP Exam - Topic 5 Question 25 Discussion

Actual exam question for ISC2's ISSAP exam
Question #: 25
Topic #: 5
[All ISSAP Questions]

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.

Show Suggested Answer Hide Answer
Suggested Answer: A, B, C

Answer option D is incorrect. Password-based authentication is supported by both the SSH-1 and SSH-2 protocols.


by Alpha at May 05, 2022, 01:26 PM

Limited Time Offer

25%

Off

Get Premium ISSAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Sommer
4 months ago
I didn't know TIS was even a thing, sounds kinda outdated!
upvoted 0 times
...
Latrice
4 months ago
Password-based auth is in both, right?
upvoted 0 times
...
Staci
4 months ago
Wait, are you sure about Rhosts? I thought SSH-2 had it too.
upvoted 0 times
...
Jaclyn
4 months ago
Totally agree, TIS and Rhosts are the odd ones out!
upvoted 0 times
...
Craig
5 months ago
A and B are the ones that SSH-1 supports but SSH-2 doesn't.
upvoted 0 times
...
Evan
5 months ago
I feel like Kerberos is a common method, but I can't recall if it was specific to SSH-1 or if it was also in SSH-2.
upvoted 0 times
...
Nguyet
5 months ago
I remember practicing a question about Rhosts authentication; I think it was mentioned that it's not supported in SSH-2.
upvoted 0 times
...
Dorothea
5 months ago
I think TIS authentication is one of the options, but I'm not entirely sure if it's exclusive to SSH-1.
upvoted 0 times
...
Amie
5 months ago
Password-based authentication seems like it should be in both, but I guess I need to double-check if it's listed as exclusive to SSH-1.
upvoted 0 times
...
Argelia
5 months ago
Okay, let's see here. The question is asking about an attack that prevents intended users from accessing a system or network. That sounds like a denial of service attack to me, so I'm going with A.
upvoted 0 times
...
Remona
5 months ago
Okay, I've got this. The key is to use secure protocols and configure the network to block spoofing. Monitoring for CRP caches with an IDS could also be helpful, but the other two options seem more directly relevant to the session hijacking issue.
upvoted 0 times
...

Save Cancel