Configuring Local MAC Authentication on an AP

A.

Option A: A MAC address can be spoofed, so it is insecure. This statement is true. MAC addresses can be easily spoofed, which means that attackers can impersonate legitimate clients by using the same MAC address. This type of authentication is not very secure since MAC addresses can be easily manipulated.

Option B: The MAC address is used instead of the username in the EAP certificate exchange. This statement is not true. Local MAC authentication is a method of authenticating wireless clients based on their MAC addresses. EAP (Extensible Authentication Protocol) is a framework for providing authentication services in wireless networks. While EAP can use a variety of authentication methods, it typically involves exchanging certificates between the client and the authentication server, and the client's MAC address is not used in this process.

Option C: The MAC address may be used in the key hash, if WEP is used as a key cipher. This statement is true. Wired Equivalent Privacy (WEP) is a security protocol for wireless networks that uses a shared key to encrypt data. In WEP, the key is derived from a combination of a user-defined key and the MAC address of the client. This means that the client's MAC address is used in the key hash.

Option D: MAC address authentication cannot co-exist with EAP authentication. This statement is not true. MAC address authentication and EAP authentication can coexist in the same wireless network. MAC address authentication is typically used as a fallback method in case the client does not support EAP or if the EAP exchange fails. In such cases, the client's MAC address can be used to grant access to the network.