ISC2 SSCP Exam - Topic 9 Question 107 Discussion

Actual exam question for ISC2's SSCP exam

Question #: 107
Topic #: 9

[All SSCP Questions]

Which of the following choices describe a Challenge-response tokens generation?

AA workstation or system that generates a random challenge string that the user enters into the token when prompted along with the proper PIN.

BA workstation or system that generates a random login id that the user enters when prompted along with the proper PIN.

CA special hardware device that is used to generate ramdom text in a cryptography system.

DThe authentication mechanism in the workstation or system does not determine if the owner should be authenticated.

Show Suggested Answer

Suggested Answer: A

Challenge-response tokens are:

- A workstation or system generates a random challenge string and the owner enters the string into the token along with the proper PIN.

- The token generates a response that is then entered into the workstation or system.

- The authentication mechanism in the workstation or system then determines if the owner should be authenticated.

Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 37.

Also: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 4: Access Control (pages 136-137).

by Na at Aug 13, 2025, 04:13 PM

Limited Time Offer

25%

Off

Get Premium SSCP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ressie

1 month ago

Totally agree with A, it's the standard method!

upvoted 0 times

...

Tegan

2 months ago

Wait, D doesn't even make sense, right?

upvoted 0 times

...

Kimbery

2 months ago

C sounds interesting, but not really what challenge-response is.

upvoted 0 times

...

Laurel

2 months ago

I think B is misleading, it's not about login IDs.

upvoted 0 times

...

Josefa

2 months ago

Definitely A, that's how challenge-response works!

upvoted 0 times

...

Yen

3 months ago

Option B seems off because generating a random login ID doesn't really fit the challenge-response concept, right?

upvoted 0 times

...

Ettie

3 months ago

I remember practicing a question similar to this, and I think the challenge-response involves entering something unique like a challenge string, so A seems right to me.

upvoted 0 times

...

Lourdes

4 months ago

I'm not entirely sure, but I feel like option C might be related to cryptographic tokens, though it doesn't specifically mention challenge-response.

upvoted 0 times

...

Josphine

4 months ago

I think option A sounds familiar because it mentions a random challenge string, which is what we discussed in class about challenge-response systems.

upvoted 0 times

...

Carmela

4 months ago

This is a good test of our understanding of challenge-response authentication. I'm going to carefully consider each option and try to eliminate the ones that don't fit the description.

upvoted 0 times

...

Lennie

4 months ago

I'm a little confused by the wording of some of these options. I'll need to re-read them a few times to make sure I'm understanding them correctly before answering.

upvoted 0 times

...

Terina

4 months ago

Okay, let's see. I think option A is the right choice here - it describes a challenge-response token generation process where the user enters a random challenge string along with their PIN.

upvoted 0 times

...