Securing Your Network

Question 1

EAP

Answer 1

Extensible Authentication Protocol. Provides a method for two systems to create a secure encryption key, also known as a Pairwise Master Key (PMK).

Question 2

EAP-FAST

Answer 2

EAP-Flexible Authentication vis Secure Tunneling. Cisco designed EAP-FAST as a replacement for Lightweight EAP (LEAP). Supports certificates, but they are optional.

Question 3

PEAP

Answer 3

Protected EAP. Provides extra layer of protection for EAP. PEAP encapsulates and encrypts the EAP conversation in a Transport Layer Security (TLS) tunnel. Requires a certificate on the server, but not on the clients. Commonly implemented through MS-CHAPv2

Question 4

EAP-TTLS

Answer 4

EAP-Tunneled TLS. Extension of PEAP. Allows systems to use. some older authentication protocols such as PAP. Requires a certificate on the 802.1x server, but not on the clients.

Question 5

RADIUS Federation

Answer 5

Possible to create a federation using 802.1x and RADIUS servers.

Question 6

IPSec Tunneling Protocol

Answer 6

Provides security through Authentication and Encryption.

Question 7

TLS Tunneling Protocol

Answer 7

Use TLS to secure the VPN channel. Good option when IPSec is not feasible.

Question 8

Split Tunnel VPN

Answer 8

Administrator determines what traffic should use the encrypted tunnel.

Question 9

Full Tunnel VPN

Answer 9

All traffic goes through the encrypted tunnel.