RADIUS Security: Key Points to Know

Understanding RADIUS Security

Prev Question Next Question

Question

Which statement about RADIUS security is true?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A

Answer A is true: RADIUS (Remote Authentication Dial-In User Service) supports EAP (Extensible Authentication Protocol) authentication for connecting to wireless networks. EAP is an authentication framework that provides support for a wide range of authentication methods, including password-based authentication, certificate-based authentication, and token-based authentication. By supporting EAP, RADIUS can be used to authenticate wireless clients connecting to a wireless network.

Answer B is false: RADIUS does not provide encrypted multiprotocol support. While RADIUS can provide authentication and authorization for multiple protocols, such as PPP (Point-to-Point Protocol) and Ethernet, it does not provide encryption for these protocols. However, RADIUS can be used in conjunction with other protocols that provide encryption, such as IPSec (Internet Protocol Security).

Answer C is false: Device-administration packets are not encrypted in their entirety by RADIUS. RADIUS provides authentication and authorization services for network devices, but it does not encrypt the data being transmitted. However, some device-administration protocols, such as SNMPv3 (Simple Network Management Protocol version 3), provide encryption for their packets.

Answer D is false: RADIUS does not ensure that user activity is fully anonymous. RADIUS provides authentication and authorization services, but it does not provide anonymity for user activity. User activity can be monitored and tracked by network administrators through other means, such as logging and auditing.

In summary, only answer A is true. RADIUS supports EAP authentication for connecting to wireless networks, while it does not provide encrypted multiprotocol support, does not encrypt device-administration packets in their entirety, and does not ensure that user activity is fully anonymous.