Wireless Authentication Flashcards
Supplicant
EAP client device requesting network access.
Authenticator
Network device (AP or switch) that forwards authentication messages and enforces access policies.
Authenticator Server
Central server (e.g.
EAP-FAST
An EAP method that uses a protected TLS tunnel (with a PAC) for secure authentication.
Phases of EAP-FAST
Phase 1: Request initiation. Phase 2: Establish TLS tunnel. Phase 3: Grant network access.
EAP-TLS
Uses TLS and X.509 certificates to mutually authenticate supplicants and servers.
EAP-TTLS
Establishes a secure TLS tunnel (typically with only a server certificate) to encapsulate inner client authentication.
802.1X
IEEE standard for port-based network access control using EAP over the data link layer.
EAPoL
Protocol for transmitting EAP messages over wired LAN connections.
EAPoW
Informal term for applying EAP methods over wireless networks.
PEAP
Uses a server certificate to create a TLS tunnel and inner EAP (often MSCHAPv2) for client authentication.
WPS
Simplified wireless network setup via a push-button or PIN
Null Authentication Algorithm
A configuration where no authentication is performed.
Open System Authentication Model
Wireless access model that allows connection without credential verification.
Shared Key Authentication Process
IEEE 802.11 method (often used with WEP) using a pre-shared key for challenge–response authentication.
Wireless Centralized Server Authentication
802.1X-based authentication for wireless networks
PICAS
P – Physical limitations
I – Inventory of users and devices
C – Communication allowed
A – AP installation permission
S – Security standards
