Which of the following authentication processes are specified by the IEEE 802.11 standards? Each correct answer represents a complete solution. Choose all that apply.
A.
Open System authentication
B.
RADIUS
C.
Shared Key authentication
D.
EAP
Explanation:
Open System authentication is the default authentication method used by 802.11 devices. But, in fact, it provides no authentication at all. It exchanges messages between the two wireless devices without using any password or keys. A device configured to use the Open System authentication cannot refuse to authenticate another device. Shared key authentication is an authentication method specified in the 802.11 standard. In this
authentication, a static WEP key should be configured on the client. The shared key authentication has the following processes:
1. The client makes a request to the access point for shared key authentication by sending an authentication request.
2. The access point sends authentication response to the client. Authentication response contains challenge text in a clear text format.
3. The client uses its locally configured WEP key to encrypt the challenge text and replies with a subsequent authentication request.
4. If the access point can decrypt the authentication request and retrieve the original challenge text, then it responds with an authentication response that allows the client to access the network. Answer option B is incorrect. The radius-server key command is used to set the authentication and encryption key for all RADIUS communications between the switch and the RADIUS server. This command runs in the global configuration mode of the switch. In order to disable the key, the no form of this command is used.Syntax:
Switch(config)#radius-server key {string}
Where the word string is a key used to set authentication and encryption for all RADIUS communications between the switch and the RADIUS server. Answer option D is incorrect. Extensible Authentication Protocol (EAP) is an authentication protocol that provides support for a wide range of authentication methods, such as smart cards, certificates, one-time passwords, public keys, etc. It is an extension to Point-to-Point Protocol (PPP), which allows the application of arbitrary authentication mechanisms for the validation of a PPP connection.