Which of the following is least likely used to authenticate devices to prevent unauthorized ones from connecting to your wireless network?
A. 802.1X
B. Whitelist
C. Kerberos
D. Extensible Authentication Protocol (EAP)
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is C. Kerberos.
The core concept behind this question is network access control. That is, conducting authentication before a device is connected to a network, no matter it’s a LAN or WAN. Kerberos is primarily used after a device is successfully connected to a network; even though some studies exist on W-Kerberos, they are not ad hoc or industrial standards or widely implemented after all.
- Whitelist of pre-authorized MAC (Media Access Control) addresses is common on most wireless APs (access points). It is used to authenticate devices. However, MAC addresses can be manipulated or spoofed nowadays.
- “IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC). It is part of the IEEE 802.11 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.” (Wikipedia)
- The Extensible Authentication Protocol (EAP) is an extension to the PPP protocol that provides two inherent authentication protocols: PAP and CHAP.
Reference
- A Kerberos-Based Authentication Architecture for Wireless LANs
- A KERBEROS-BASED AUTHENTICATIONARCHITECTURE FOR WLANS
- Kerberos (protocol)
A BLUEPRINT FOR YOUR SUCCESS IN CISSP
My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.
- It is available on Amazon.
- Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.
以下哪項最不可能用於對設備進行身份驗證,以防止未經授權的設備連接到您的無線網絡?
A. 802.1X
B. 白名單
C. Kerberos
D. 可擴展身份驗證協議(EAP)