RFC 7616 Quiz

HTTP Digest Authentication

Goal: explain nonce, realm, qop, and why modern systems often prefer other schemes.

Q1: Digest authentication aims to avoid sending

Multiple Choice
**Explanation:** **Correct (B):** Digest uses a challenge-response style computation instead of raw password transmission.

Q2: Which response header carries a Digest challenge?

Multiple Choice
**Explanation:** **Correct (A):** The server challenges with WWW-Authenticate; the client responds with Authorization.

Q3: In Digest, a nonce is primarily used to

Multiple Choice
**Explanation:**
**Terms:** replay resistance
**Correct (C):** The server can rotate or validate nonces to limit replay.

Q4: Why is Digest authentication considered tricky in practice (select all)?

Multi-Select
**Explanation:**
**Correct (A,B,C):** Implementation complexity and credential handling can be burdensome.
**Options:**
- D (incorrect): It does not solve phishing.

**Related:** Modern deployments often use token-based schemes over TLS.

Q5: What is the parameter name for the server challenge value in Digest (one word)?

Short Text
**Explanation:** **Correct:** nonce

Q6: A correct statement about Digest and TLS is

Multiple Choice
**Explanation:** **Correct (B):** Digest does not provide channel integrity or protect metadata from passive observers.