CISSP PRACTICE QUESTIONS – 20220228

Effective CISSP Questions

You are implementing a wireless network that requires user authentication to connect to the access point. Which of the following best supports forwarding authentication requests from the authenticator to the authentication server? (Wentz QOTD)
A. 802.1X
B. VXLAN
C. EAP
D. RADIUS


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. RADIUS.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

802.1X Roles
802.1X Roles

802.1X

802.1X is also known as EAP over LAN (EAPoL), which requires supplicants (hosts) to authenticate to the authenticator (switches or APs) before they are connected to the network. The authenticator server is the server that hosts the directory as the identity provider.

RADIUS

802.1X authenticators typically don’t implement a directory to authenticate supplicants. Instead, they rely on external authentication servers through the RADIUS protocol.

Comparing TACACS+ and RADIUS
Comparing TACACS+ and RADIUS (Source: S.Y.A.)

Extensible Authentication Protocol (EAP)

Extensible Authentication Protocol (EAP) is an authentication framework based on which vendors can develop authentication protocols. EAP-based authentication protocols typically have the prefix EAP-, e.g., EAP-TLS.

Extensible Authentication Protocol (EAP)
Extensible Authentication Protocol (EAP)
EAP and 802.1X
EAP and 802.1X
EAP Protocol Comparison
EAP Protocol Comparison
VPN and EAP
VPN and EAP

Reference


您正在實施需要用戶身份驗證才能連接到AP的無線網絡。 以下哪項最支持將身份驗證請求從驗證者(authenticator)轉發到證服務器? (Wentz QOTD)
A. 802.1X
B. VXLAN
C. EAP
D. RADIUS

Leave a Reply