PrepAway - Latest Free Exam Questions & Answers

Which of the following forms of authentication are bein…

A company is currently using the following configuration:
+IAS server with certificate-based EAP-PEAP and MSCHAP
+Unencrypted authentication via PAP

A security administrator needs to configure a new wireless setup with the following configurations:
+PAP authentication method
+PEAP and EAP provide two-factor authentication

Which of the following forms of authentication are being used? (Select two.)

PrepAway - Latest Free Exam Questions & Answers

A.
PAP

B.
PEAP

C.
MSCHAP

D.
PEAP- MSCHAP

E.
EAP

F.
EAP-PEAP

2 Comments on “Which of the following forms of authentication are bein…

  1. meac says:

    VCGuide says A- PAP and C – MSCHAP, which I tend to agree.
    The question in itself already says that we us MSCHAP, and that the new wireless needs PAP.
    1) EAP is basically a framework and is used as transport the authentication protocol. Can be used for wireless and wired networks. It is NOT an authentication method on its own. So you can authenticate as you want, password, MD5, certificates, biometric….
    2) If you use EAP-MSCHAPv2, it means that your clients doesn’t need to have a certificate, but your authentication server (NPS) has a certificate. Passwords from the clients are send using hashes to the authentication server. To protect these password hashes being send over the network, you can use PEAP which act as a TLS/SSL tunnel to protect the authentication traffic.
    3) Only the authentication server (NPS) needs a certificate. EAP-MSCHAPv2 is a password based authentication method.
    4) You can use PEAP-EAP-MSCHAPv2 which use a certificate on the authentication server (NPS) and a password for clients. You can use PEAP-EAP-TLS which use a certificate on the authentication server and a certificate on the client. PEAP is used to protect to authentication traffic.




    2



    0
  2. melb says:

    AD – The question asks “Which of the following forms of authentication ARE being used” – “ARE” implies “CURRENTLY” – The top of the question says they are “CURRENTLY” using “EAP-PEAP and MSCHAP” and “PAP”. So (A) is definitely correct.
    However – the “EAP-PEAP and MSCHAP” is confusing. PEAP encompasses EAP (the leading “P” signifies PROTECTED EAP). So (D) encompasses all three (EAP, PEAP, and MSCHAP).
    PEAP (Protected Extensible Authentication Protocol) is a version of EAP, the AUTHENTICATION protocol used in wireless networks and Point-to-Point connections.
    https://searchsecurity.techtarget.com/definition/PEAP-Protected-Extensible-Authentication-Protocol




    0



    0

Leave a Reply