Which authentication method relies on a password-based authentication and key agreement that provides forward secrecy?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

Which authentication method relies on a password-based authentication and key agreement that provides forward secrecy?

This question is about a password-based authentication that also establishes a key agreement with forward secrecy. Simultaneous Authentication of Equals (SAE) fits this exactly. SAE is a password-based PAKE (password-authenticated key exchange) used in WPA3. It lets the client and access point prove knowledge of the shared password without sending it over the air, while jointly deriving a fresh session key for each connection. Because the session key depends on ephemeral values generated during the handshake, past session keys cannot be derived if the password were later compromised—providing forward secrecy.

Other options don’t match this combination. TLS can provide forward secrecy with ephemeral key exchange, but it is not inherently a password-based authentication method. Kerberos relies on tickets issued by a trusted authority rather than a PAKE, and OAuth 2.0 is an authorization framework, not a password-based authentication and key-exchange mechanism.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy