CISSP – Information Systems Security Architecture Professional (ISSAP) — Question 3

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.

Answer options

• A. TIS authentication
• B. Rhosts (rsh-style) authentication
• C. Kerberos authentication
• D. Password-based authentication

Correct answer: B, A, C

Explanation

The correct answers, B, A, and C, indicate authentication methods that SSH-1 supports but SSH-2 does not. Specifically, Rhosts and TIS authentication are legacy methods that have been deprecated in SSH-2, while Kerberos is not supported in the same manner. Password-based authentication, however, is available in both protocols.