Jane, a security administrator, needs to implement a secure wireless authentication method that uses a
remote RADIUS server for authentication.
Which of the following is an authentication method Jane should use?
A.
WPA2-PSK
B.
WEP-PSK
C.
CCMP
D.
LEAP
Explanation:
A RADIUS server is a server with a database of user accounts and passwords used as a central
authentication database for users requiring network access.
The Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication
method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual
authentication (between a wireless client and a RADIUS server). LEAP allows for clients to reauthenticate
frequently; upon each successful authentication, the clients acquire a new WEP key (with the hope that
the WEP keys don’t live long enough to be cracked). LEAP may be configured to use TKIP instead of
dynamic WEP.
Incorrect Answers:
A: WPA2-PSK (Wireless Protected Access 2 – Pre-shared Key) uses a pre-shared key for authentication.
The pre-shared key is a ‘password’ sometimes called the ‘network security key’ that you enter when you
connect to the wireless access point. It does not use a RADIUS server for authentication.B: WEP-PSK (Wireless Equivalent Privacy – Pre-shared Key) uses a pre-shared key for authentication in the
same way that WPA2-PSK does. The pre-shared key is a ‘password’ sometimes called the ‘network
security key’ that you enter when you connect to the wireless access point. It does not use a RADIUS
server for authentication.
C: Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC
Protocol or simply CCMP (CCM mode Protocol) is an encryption protocol. CCMP is an enhanced data
cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter
Mode with CBC-MAC (CCM) of the AES standard. It was created to address the vulnerabilities presented
by WEP, a dated, insecure protocol. However, it does not use a RADIUS server for authentication.http://en.wikipedia.org/wiki/Lightweight_Extensible_Authentication_Protocol