CompTIA Security+ Exam: Question on Wireless Authentication Methods

Wireless Authentication Methods: PAP and PEAP with EAP Two-Factor Authentication

Prev Question Next Question

Question

A company is currently using the following configuration: -> IAS server with certificate-based EAP-PEAP and MSCHAP -> Unencrypted authentication via PAP A security administrator needs to configure a new wireless setup with the following configurations: -> PAP authentication method -> PEAP and EAP provide two-factor authentication Which of the following forms of authentication are being used? (Choose two.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

AC.

The new wireless setup will use PAP for authentication and PEAP with EAP for two-factor authentication. Therefore, the correct answers are A. PAP and B. PEAP.

PAP (Password Authentication Protocol) is a legacy authentication method that sends the user's password in clear text over the network, making it highly vulnerable to interception and eavesdropping. PAP should not be used in a secure wireless setup.

PEAP (Protected Extensible Authentication Protocol) is a more secure authentication protocol that encapsulates EAP authentication within a TLS (Transport Layer Security) tunnel, protecting the authentication traffic from eavesdropping and interception. PEAP provides a secure method for transmitting user credentials for authentication.

EAP (Extensible Authentication Protocol) is an authentication framework that supports various authentication methods such as EAP-TLS, EAP-TTLS, and EAP-PEAP. EAP allows for flexible authentication methods, making it an important component of a secure wireless setup.

MSCHAP (Microsoft Challenge Handshake Authentication Protocol) is an authentication protocol that provides a secure method for transmitting user credentials for authentication. However, it is not being used in the new wireless setup.

EAP-PEAP (EAP-Protected Extensible Authentication Protocol) is a variant of EAP that provides additional protection against man-in-the-middle (MITM) attacks. However, it is not being used in the new wireless setup.

In summary, the correct answers are A. PAP and B. PEAP.