Which of the following wireless protocols could be vulnerable to a brute-force password attack? (Select TWO).
A.
WPA2-PSK
B.
WPA – EAP – TLS
C.
WPA2-CCMP
D.
WPA -CCMP
E.
WPA – LEAP
F.
WEP
Explanation:
A brute force attack is an attack that attempts to guess a password. WPA2-PSK and WEP both use a “Pre-Shared Key”. The pre-shared key is a password and
therefore is susceptible to a brute force attack.
Incorrect Answers:
B: EAP-TLS uses the handshake protocol in TLS, not its encryption method. Client and server authenticate each other using digital certificates. Client generates a
pre-master secret key by encrypting a random number with the server’s public key and sends it to the server. Both client and server use the pre-master to generate
the same secret key. WPA using EAP-TLS does not use a password or pre-shared key so it is not susceptible to a brute force attack. Therefore, this answer is
incorrect.
C: Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC Protocol or simply CCMP (CCM mode Protocol) is an
encryption protocol. CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with
CBC-MAC (CCM) of the AES standard. The advanced encryption of CCMP ensures that WPA2 with CCMP is not susceptible to a brute force attack.
Therefore, this answer is incorrect.
D: Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC Protocol or simply CCMP (CCM mode Protocol) is an
encryption protocol. CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with
CBC-MAC (CCM) of the AES standard. The advanced encryption of CCMP ensures that WPA2 with CCMP is not susceptible to a brute force attack.
Therefore, this answer is incorrect.
E: LEAP (Lightweight Extensible Authentication Protocol) requires frequent re-authentication using different keys. The frequent changing of the key makes WPA
with LEAP less susceptible to a brute force attack. Therefore, this answer is incorrecthttp://encyclopedia2.thefreedictionary.com/EAP-TLS