CompTIA CASP+ Practice Test

What is a recommended approach to protect authentication credentials used for verifying end-user identity?

• A. Using strong, complex passwords
• B. Implementing biometric authentication methods
• C. Establishing two-factor authentication
• D. Encrypting credentials during transmission

The correct answer is: Encrypting credentials during transmission

The recommended approach to protect authentication credentials used for verifying end-user identity by encrypting credentials during transmission is highly effective because it ensures that sensitive data, such as passwords and authentication tokens, cannot be intercepted and understood by unauthorized individuals while they are being transmitted over networks. This is critical in protecting against attacks such as man-in-the-middle (MitM) attacks, where an attacker could eavesdrop on unencrypted communication channels. Encrypting credentials during transmission secures the data in transit, making it unreadable to anyone who might intercept the communication. By leveraging protocols like HTTPS or using secure tunnel protocols like VPNs, organizations significantly enhance the security of their authentication processes. Other methods listed, such as using strong, complex passwords, implementing biometric authentication methods, and establishing two-factor authentication, are certainly important for providing layers of security. However, without encrypting credentials in transit, even the strongest passwords and multi-layered authentication systems can be compromised if the credentials can be intercepted during transmission. Therefore, while all these methods contribute to an overall security strategy, encrypting credentials during transmission specifically addresses the protection of sensitive data in transit.