nerdexam
CompTIA

SY0-301 · Question #882

On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wir

The correct answer is D. The Remote Authentication Dial-In User Service server certificate has expired.. 802.1x with PEAP uses a RADIUS server for authentication, and PEAP creates an encrypted TLS tunnel that requires a valid server-side certificate. If that certificate expired over the weekend, every client attempting to authenticate on Monday would fail - explaining the sudden, wi

Security operations

Question

On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wireless network and its supporting infrastructure, and that there are no outages. Which of the following is the MOST likely cause for this issue?

Options

  • AToo many incorrect authentication attempts have caused users to be temporarily disabled.
  • BThe DNS server is overwhelmed with connections and is unable to respond to queries.
  • CThe company IDS detected a wireless attack and disabled the wireless network.
  • DThe Remote Authentication Dial-In User Service server certificate has expired.

How the community answered

(43 responses)
  • A
    7% (3)
  • B
    16% (7)
  • C
    28% (12)
  • D
    49% (21)

Explanation

802.1x with PEAP uses a RADIUS server for authentication, and PEAP creates an encrypted TLS tunnel that requires a valid server-side certificate. If that certificate expired over the weekend, every client attempting to authenticate on Monday would fail - explaining the sudden, widespread outage with no configuration changes. Account lockouts (A) would affect individual users, not all simultaneously. DNS issues (B) do not impact 802.1x/RADIUS authentication. An IDS disabling the entire wireless network (C) is not a standard automated response. Certificate expiration is the classic cause of a sudden, total 802.1x/PEAP authentication failure.

Topics

#802.1x#PEAP#RADIUS#certificate expiration

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice