Which EAP method utilizes simple passwords and the challenge-handshake authentication process to provide remote access authentication?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Get ready for the CompTIA SecurityX exam! Study with multiple choice questions, each crafted to enhance understanding and confidence for your certification journey. Successfully navigate every section to achieve your goal!

Multiple Choice

Which EAP method utilizes simple passwords and the challenge-handshake authentication process to provide remote access authentication?

Explanation:
EAP-MD5 is the method that fits this description because it uses a simple password and a challenge-response (CHAP-style) handshake to authenticate remote access. In this approach, the server issues a random challenge, and the client responds with an MD5 hash of that challenge combined with the user’s password. The server then recomputes the hash to verify the response. This mirrors the CHAP concept where authentication is proven without sending the password itself, just a hash-based response. Other EAP methods rely on certificates (EAP-TLS), protected tunnels with inner methods (EAP-TTLS, EAP-FAST), or more complex credential handling, and do not match the idea of a straightforward password plus a challenge-response handshake. While simple and lightweight, EAP-MD5 has security drawbacks, such as the lack of mutual authentication and susceptibility to dictionary attacks, which is why stronger methods are preferred in modern deployments.

EAP-MD5 is the method that fits this description because it uses a simple password and a challenge-response (CHAP-style) handshake to authenticate remote access. In this approach, the server issues a random challenge, and the client responds with an MD5 hash of that challenge combined with the user’s password. The server then recomputes the hash to verify the response. This mirrors the CHAP concept where authentication is proven without sending the password itself, just a hash-based response. Other EAP methods rely on certificates (EAP-TLS), protected tunnels with inner methods (EAP-TTLS, EAP-FAST), or more complex credential handling, and do not match the idea of a straightforward password plus a challenge-response handshake. While simple and lightweight, EAP-MD5 has security drawbacks, such as the lack of mutual authentication and susceptibility to dictionary attacks, which is why stronger methods are preferred in modern deployments.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy