CompTIA CASP+ Practice Test

Which methods should be integrated for the Credential Security Support Provider (CredSSP) in a remote desktop service environment?

• A. Token-based authentication and network level encryption
• B. Kerberos and NTLM
• C. Username and password authentication
• D. SSL and TLS

The correct answer is: Kerberos and NTLM

Integrating Kerberos and NTLM as methods for the Credential Security Support Provider (CredSSP) in a remote desktop service environment is essential because they are both robust and established authentication protocols that enhance security during remote sessions. Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications through secret-key cryptography. It enables secure ticket-based authentication, which significantly minimizes the risk of exposure to cyber threats since credentials are not sent over the network in plain text. This makes it especially useful in environments where secure and efficient authentication is critical. NTLM (NT LAN Manager), on the other hand, complements Kerberos by providing backward compatibility for environments where Kerberos may not be supported. Although NTLM is less secure than Kerberos, it still serves a role in authenticating users and providing security for remote sessions, especially in mixed environments. Combining these two methods leverages the strengths of each protocol, ensuring that credential handling is done securely and effectively during remote desktop sessions. This is particularly beneficial in scenarios where different systems may require various authentication methods, ensuring compatibility while maintaining security. In contrast, options like token-based authentication and network level encryption, while relevant to general security practices, do not specifically address authentication methods utilized by CredSSP