Which of the following should the administrator implement?

A security administrator must implement a network authentication solution which will ensure
encryption of user credentials when users enter their username and password to
authenticate to the network. Which of the following should the administrator implement?

A.
WPA2 over EAP-TTLS

B.
WPA-PSK

C.
WPA2 with WPS

D.
WEP over EAP-PEAP

Show Hint

← Previous question

Next question →

Leave a Reply 10

What?

volfkhat

Ha!!

This one is blatently wrong.
Now i am certain that a few others have been as well.

Nonetheless, the correct answer is: WPA2 over EAP-TTLS

tvp

EAP-TTLS (Tunneled Transport Layer Security) is designed to provide authentication that is as strong as EAP-TLS, but it does not require that each user be issued a certificate. Instead, only the authentication servers are issued certificates. User authentication is performed by password, but the password credentials are transported in a securely encrypted tunnel established based upon the server certificates.

The EAP-PEAP (Protected EAP) protocol is similar to EAP-TTLS. Unlike EAP-TTLS, which can tunnel any kind of authentication request (such as PAP or CHAP) and extended attributes, PEAP can tunnel only other EAP protocols inside its connection.

Both methods seem to encrypt the username and password, so why WEP over EAP-PEAP is the “correct” answer is beyond me.

Robb

As I read in comptia security+ book page 183 ” Although many consider PEAP and EAP-TTLS to be similar, PEAP is more secure because it establishes an encrypted channel between the server and the client”, so i think D is the correct one.

Hoss

I see the same thing in the book. For the sake of the test, I’ll go with what’s in the CompTIA book.

Tony

EAP-TTLS and EAP-PEAP provide the same ability “encryption of user credentials when users enter their username and password to authenticate”, since both establish a secured channel prior to authentication information being sent back to the TTLS/PEAP server. It was challenging to find info on EAP-PEAP.

No, the glaring thing here is WEP doesn’t support EAP of any kind.

spettro

I read somewhere that five EAP types adopted by the WPA/WPA2 standard are EAP-TLS, EAP-PSK, EAPMD5,LEAP and PEAP.

Ned Fred

Passed Security+ SY0-401 yesterday with 820/900 marks! Got 68 questions and 9 SIMs in total, the performance based questions appeared first, and got 11 sub questions in the first SIM.

All materials that I learned: 1). Gibson’s materials; 2). Messer’s materials; 3). premium passleader SY0-401 dumps (reviewed two times both pdf and vce dumps from: https://tr.im/qi7i9), 100% valid now!

Dallas Kiwikiwi

Hi! That short link is not available, I just found it here:

PL SY0-401 Dumps: http://www.passleader.com/sy0-401.html (1867q VCE and PDF)

Dallas Kiwikiwi

BTW, part of free PL SY0-401 dumps are available here:

https://drive.google.com/open?id=0B-ob6L_QjGLpcG9CWHp3bXlNTTg