Which of the following wireless protocols could be vulnerable to a brute-force password attack? (Select
TWO).
A.
WPA2-PSKB. WPA – EAP – TLS
C.
WPA2-CCMP
D.
WPA -CCMP
E.
WPA – LEAP
F.
WEP
Explanation:
A brute force attack is an attack that attempts to guess a password. WPA2-PSK and WEP both use a “PreShared Key”. The pre-shared key is a password and therefore is susceptible to a brute force attack.
Incorrect Answers:
B: EAP-TLS uses the handshake protocol in TLS, not its encryption method. Client and server authenticate
each other using digital certificates. Client generates a pre-master secret key by encrypting a random
number with the server’s public key and sends it to the server. Both client and server use the pre-master
to generate the same secret key. WPA using EAP-TLS does not use a password or pre-shared key so it is
not susceptible to a brute force attack.
C: Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC
Protocol or simply CCMP (CCM mode Protocol) is an encryption protocol. CCMP is an enhanced data
cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter
Mode with CBC-MAC (CCM) of the AES standard. The advanced encryption of CCMP ensures that WPA2
with CCMP is not susceptible to a brute force attack.
D: Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC
Protocol or simply CCMP (CCM mode Protocol) is an encryption protocol. CCMP is an enhanced data
cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter
Mode with CBC-MAC (CCM) of the AES standard. The advanced encryption of CCMP ensures that WPA2
with CCMP is not susceptible to a brute force attack.E: LEAP (Lightweight Extensible Authentication Protocol) requires frequent re-authentication using
different keys. The frequent changing of the key makes WPA with LEAP less susceptible to a brute force
attack. Therefore, this answer is incorrecthttp://encyclopedia2.thefreedictionary.com/EAP-TLS