Certified Information Systems Security Professional (CISSP) — Question 436

Which of the following methods provides the MOST protection for user credentials?

Answer options

• A. Forms-based authentication
• B. Self-registration
• C. Basic authentication
• D. Digest authentication

Correct answer: D

Explanation

Digest authentication is more secure than Basic authentication because it hashes the credentials before transmission, preventing them from being sent in plain text. Forms-based authentication can also be secure, but it depends on implementation, while self-registration does not inherently secure credentials. Basic authentication sends credentials encoded in base64, which is easily reversible, making it less secure.