A security analyst is monitoring authentication exchanges over the company’s wireless network. A sample of the Wireshark output is shown below:
Which of the following would improve the security posture of the wireless network?
A. Using PEAP instead of LEAP
B. Using SSL 2.0 instead of TLSv1.1
C. using aspx instead of .jsp
D. Using UDP instead of TCP
CS0-002: CompTIA CySA+ ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
A
PEAP (Protected EAP) is a form of EAP developed by RSA, Microsoft, and Cisco. PEAP uses server-side PKI to build an encrypted EAP-TLS tunnel between the client and server prior to the client transmitting its authentication credentials (username, password, certs, etc.). PEAP is used to overcome some of the scalability problems associated with TLS.
Cisco’s LEAP is an older EAP that uses TKIP and dynamic WEP keys rather than PKI and TLS for authentication confidentiality. PEAP has largely replaced LEAP.