An analyst wants to implement a more secure wireless authentication for office access points. Which of the following technologies allows for encrypted authentication of wireless clients over TLS?
A. PEAP
B. EAP
C. WPA2
D. RADIUS
5 Comments on “Which of the following technologies allows for encrypte…”
EAP by itself is only an authentication framework.
PEAP (Protected Extensible Authentication Protocol) fully encapsulates EAP and is designed to work within a TLS (Transport Layer Security) tunnel that may be encrypted but is authenticated.
The primary motivation behind the creation of PEAP was to help correct the deficiencies discovered within EAP since that protocol assumes that the communications channel are protected. As a result, when EAP messages are able to be discovered in the “clear” they do not provide the protection that was assumed when the protocol was originally authored.
PEAP, EAP-TTLS, and EAP-TLS “protect” inner EAP authentication within SSL/TLS sessions.
7
1
blablasays:
EAP is a broad framework with many variants.
Some are secure and some are not.
EAP-TLS is highly secure
PEAP is secure
3
0
Tetra-Grammaton-Clericsays:
Keywords here are “a more secure wireless authentication… allows for encrypted authentication of wireless clients over TLS”
PEAP-EAP-TLS requires client installation of a client-side digital certificate or a more secure smartcard. PEAP-EAP-TLS is very similar in operation to the original EAP-TLS but provides slightly more protection because portions of the client certificate that are unencrypted in EAP-TLS are encrypted in PEAP-EAP-TLS.
EAP is the correct answer. Refer to https://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a008009256b.shtml
2
8
Correct answer is PEAP.
EAP by itself is only an authentication framework.
PEAP (Protected Extensible Authentication Protocol) fully encapsulates EAP and is designed to work within a TLS (Transport Layer Security) tunnel that may be encrypted but is authenticated.
The primary motivation behind the creation of PEAP was to help correct the deficiencies discovered within EAP since that protocol assumes that the communications channel are protected. As a result, when EAP messages are able to be discovered in the “clear” they do not provide the protection that was assumed when the protocol was originally authored.
PEAP, EAP-TTLS, and EAP-TLS “protect” inner EAP authentication within SSL/TLS sessions.
7
1
EAP is a broad framework with many variants.
Some are secure and some are not.
EAP-TLS is highly secure
PEAP is secure
3
0
Keywords here are “a more secure wireless authentication… allows for encrypted authentication of wireless clients over TLS”
PEAP-EAP-TLS requires client installation of a client-side digital certificate or a more secure smartcard. PEAP-EAP-TLS is very similar in operation to the original EAP-TLS but provides slightly more protection because portions of the client certificate that are unencrypted in EAP-TLS are encrypted in PEAP-EAP-TLS.
Answer: B
Ref: https://en.wikipedia.org/wiki/Protected_Extensible_Authentication_Protocol
1
10
can someone please elaborate on why not WPA2?
2
1