Exam 312-50v13 Topic 1 Question 76 Discussion
Actual exam question for ECCouncil's 312-50v13 exam
Question #: 76
Topic #: 1
What hacking attack is challenge/response authentication used to prevent?
Suggested Answer: A
Challenge/response authentication is designed to prevent replay attacks. In this mechanism:
* The server sends a random "challenge" string.
* The client uses its secret (like a password or private key) to generate a response.
* The server verifies that the response matches what it expected for that challenge.
Since the challenge is random and changes each time, an attacker cannot simply capture and replay previous responses to gain unauthorized access.
From CEH v13 Courseware:
* Module 11: Session Hijacking
* Module 6: Authentication Protocols
CEH v13 Study Guide states:
"Challenge-response authentication prevents replay attacks by using dynamically generated nonces or challenge tokens that change with each session."
Incorrect Options:
* B: Scanning attacks are not related to authentication mechanisms.
* C: Session hijacking involves active takeovers, not replaying login attempts.
* D: Password cracking targets password hashes, not session tokens.
Reference:
* CEH v13 Study Guide - Module 11: Authentication Mechanisms and Replay Attack Mitigation
* RFC 2831 - Digest Access Authentication
by Marvin at Jun 26, 2026, 09:30 AM
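The challenge/response steps described in the explanation, as a runnable sketch added here for illustration (it is not part of the original answer or the CEH courseware). It assumes HMAC-SHA256 over a 16-byte random nonce with a shared secret; the class name, function names and sample key are constructed for the example.

```python
import hashlib
import hmac
import secrets

class Server:
    """Verifier holding each user's shared secret (constructed demo data)."""
    def __init__(self, secrets_by_user):
        self._secrets = secrets_by_user
        self._pending = {}  # user -> outstanding challenge (single use)

    def issue_challenge(self, user):
        nonce = secrets.token_bytes(16)  # fresh and unpredictable per attempt
        self._pending[user] = nonce
        return nonce

    def verify(self, user, response):
        # pop() consumes the challenge so it can never be answered twice
        nonce = self._pending.pop(user, None)
        key = self._secrets.get(user)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare

def client_response(key, nonce):
    """Client proves knowledge of the secret without ever sending it."""
    return hmac.new(key, nonce, hashlib.sha256).digest()

def demo():
    key = b"constructed-demo-secret"
    server = Server({"alice": key})

    # Legitimate login; assume an eavesdropper records (nonce, response).
    nonce = server.issue_challenge("alice")
    captured = client_response(key, nonce)
    legit = server.verify("alice", captured)

    # Replay 1: the challenge was already consumed, so nothing is outstanding.
    replay_consumed = server.verify("alice", captured)

    # Replay 2: a new challenge is issued; the old response no longer matches.
    server.issue_challenge("alice")
    replay_new = server.verify("alice", captured)
    return legit, replay_consumed, replay_new

if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

The replay protection depends on two server-side properties shown here: the nonce must be unpredictable, and each challenge must be invalidated after one verification attempt.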