GIAC
GSLC · Question #88
GSLC Question #88: Real Exam Question with Answer & Explanation
The correct answer is D. The wireless network communication will be secured.. WEP secures the wireless channel satisfying the first task, but PEAP-MS-CHAP v2 authenticates users via username and password - not smart cards - so the smart card requirement is not met.
Question
You work as a Network Administrator for McNeil Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest domain-based network. The company's management has decided to provide laptops to its sales team members. These laptops are equipped with smart card readers. The laptops will be configured as wireless network clients. You are required to accomplish the following tasks: - The wireless network communication should be secured. - The laptop users should be able to use smart cards for getting authenticated. In order to accomplish the tasks, you take the following steps: - Configure 802.1x and WEP for the wireless connections. - Configure the PEAP-MS-CHAP v2 protocol for authentication What will happen after you have taken these steps?
Options
- AThe laptop users will be able to use smart cards for getting authenticated.
- BNone of the tasks will be accomplished.
- CBoth tasks will be accomplished.
- DThe wireless network communication will be secured.
Explanation
WEP secures the wireless channel satisfying the first task, but PEAP-MS-CHAP v2 authenticates users via username and password - not smart cards - so the smart card requirement is not met.
Common mistakes.
- A. PEAP-MS-CHAP v2 is a username and password-based authentication protocol and cannot use smart card certificates; EAP-TLS is the correct protocol for certificate and smart card-based authentication.
- B. WEP does provide wireless encryption so the first task of securing wireless communication is accomplished, making it incorrect to say no tasks are completed.
- C. Both tasks are not accomplished because PEAP-MS-CHAP v2 lacks smart card support, leaving the second requirement unmet.
Concept tested. EAP authentication protocol selection for smart card support
Reference. https://learn.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-top
Community Discussion
No community discussion yet for this question.