PrepAway - Latest Free Exam Questions & Answers

what password related items should be addressed?

As a primary security engineer for a large corporate network you have been asked to author a new security policy for the wireless network while most clients devices support 802.11X authentication some legacy devices still passphrase.When writing the 802.11 security policy, what password related items should be addressed?

PrepAway - Latest Free Exam Questions & Answers

A.
Password should include a combination of upper and lower case latter, numbers, and special characters.

B.
Certificate should always by recommended instead of passwords for 802.11 client authentication.

C.
Password complexity should be maximized so that the weak IV attacks are prevented.

D.
Password creation process should be defined to maximize the strength of PSK based authentication.

E.
MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2=PSK passphrase.

Explanation:
Functional policies should include a password policy. This policy should state the length, complexity, and age limits of passwords used in authentication, in addition to simply requiring a password.

A base password complexity and length that is commonly used is a password of at least eight characters in length, at least one uppercase letter, at least one lowercase letter, at least one number, and at least one special character.

preshared keys (PSKs)A method of distributing encryption passphrases or keys by manually typing the matching passphrases or keys on both the access point and all client stations that will need to be able to associate to the wireless network. This information is shared ahead of time (preshared) by using a manual distribution method such as telephone, email, or face – to – face conversation. (passphrase is used in PSK so D is correct choice)

WPA2 required enterprise level security. Therefore in adition to EAP-TLS, WPA2 also supportsEAP/PEAPv0 and other EAP types. …implementations lacking strong password policis can easily be compromised with dictionary attacks.

http://docs.google.com/viewer?a=v&q=cache:f54HibctUrcJ:learningnetwork.cisco.com/servlet/Jive Servlet/download/53910-
8800/Explanation%2520and%2520recommendations%2520for%2520EAP%2520Implementations .doc+E.+802.11+security+policy+MSCHAPv2+passwords+used+with+EAP/PEAPv0+should+be+s tronger+than+typical+WPA2%3DPSK+passphrase&hl=en&gl=in&pid=bl&srcid=ADGEESj9_hCiNtr 779o7MmFifkZ5ToJW7q2nOr1CZw5uis95BU571YMCjNe_eL9wdttairqfJZGXjSrVVzXvIQDBcs0i8s JdrkuhnlsLqCU8Y1L3pfSo9G0LGUsGSoNIW2x7Wdnf_-
JK&sig=AHIEtbTjsAKqWLBNta5sulD1U6YcQveZ8A


Leave a Reply