PrepAway - Latest Free Exam Questions & Answers

What is true about using EAP-Transport Layer Security (EAP-TLS) in the 802.1X process?

What is true about using EAP-Transport Layer Security (EAP-TLS) in the 802.1X process?

PrepAway - Latest Free Exam Questions & Answers

A.
Supplicants use a non-reversible hash to submit all login credentials.

B.
Supplicants are required to authenticate using digital certificates.

C.
EAP-TLS provides a flexible security framework, which can be customized for each
environment.

D.
Supplicant and application server are required to mutually authenticate with a username and
password, which are encrypted before being transmitted.

Explanation:
See http://en.wikipedia.org/wiki/Extensible_Authentication_Protocol#EAP-TLS or http://www.ietf.org/rfc/
rfc2716.txt
The EAP server will then respond with an EAP-Request packet with
EAP-Type=EAP-TLS. The data field of this packet will encapsulate one
or more TLS records. These will contain a TLS server_hello handshake
message, possibly followed by TLS certificate, server_key_exchange,
certificate_request, server_hello_done and/or finished handshake
messages, and/or a TLS change_cipher_spec message. The server_hello
handshake message contains a TLS version number, another random
number, a sessionId, and a ciphersuite. The version offered by the
server MUST correspond to TLS v1.0 or later.


Leave a Reply