An administrator deploys a WPA2 Enterprise wireless network with EAP-PEAP-MSCHAPv2. The
deployment is successful and company laptops are able to connect automatically with no user
intervention. A year later, the company begins to deploy phones with wireless capabilities. Users report
that they are receiving a warning when they attempt to connect to the wireless network from their
phones. Which of the following is the MOST likely cause of the warning message?
A.
Mutual authentication on the phone is not compatible with the wireless network
B.
The phones do not support WPA2 Enterprise wireless networks
C.
User certificates were not deployed to the phones
D.
The phones’ built in web browser is not compatible with the wireless network
E.
Self-signed certificates were used on the RADIUS servers
P.S. Download that 1867q SY0-401 dumps for free here:
https://doc.co/FTT4SW
Good Luck!
0
0
B is not correct. Since you are using EAP-PEAP, then you have some form of certificate on each of the laptops. I suspect that the phones lack a certificate to permit connectivity. It is possible that the system is set up to hand out certs but in the beginning, there would still be an error message. I suspect that the answer is C.
0
0
If you have PEAP, only the Server requires a cert since they are using TLS. Mutual authentication is not required. Basically, the end systems need to accept WPA2–it is the AP that needs to work with Enterprise/PSK so that kills #2. Cert to the phones implies mutual authentication again. Web browser not compatible–could be plausible if the TLS version is not accepted. But it is hard to imagine. If you used a self signed cert on the Radius server, then the CA would not be listed in your root or intermediate CAs. When your phone tries to connect, it should complain that it does not recognize the cert and ask if you want to accept it. The correct answer is E, not C. I messed up.
0
0
■ PEAP: This is the Protected Extensible Authentication Protocol (also
known as Protected EAP). This uses MSCHAPv2, which supports authentication
via Microsoft Active Directory databases. It competes with
EAP-TTLS and includes legacy password-based protocols. It creates a
TLS tunnel by acquiring a public key infrastructure (PKI) certificate from a
server known as a certificate authority (CA).The TLS tunnel protects user authentication much like EAP-TTLS.
2
0