CompTIA Security Plus Mock Test Q1061

A security administrator has been tasked with setting up a new internal wireless network that must use end to end TLS. Which of the following may be used to meet this objective?

A. WPA
B. HTTPS
C. WEP
D. WPA 2

Correct Answer: D
Section: Cryptography

Explanation:
Wi-Fi Protected Access 2 (WPA2) was intended to provide security that’s equivalent to that on a wired network, and it implements elements of the 802.11i standard. In April 2010, the
Wi-Fi Alliance announced the inclusion of additional Extensible Authentication Protocol (EAP) types to its certification programs for WPA- and WPA2- Enterprise certification programs.
EAP-TLS is included in this certification program.
Note: Although WPA mandates the use of TKIP, WPA2 requires Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). CCMP uses 128-bit AES
encryption with a 48-bit initialization vector. With the larger initialization vector, it increases the difficulty in cracking and minimizes the risk of a replay attack.

Incorrect Answers:
A: The difference between WPA and WPA2 is that the former implements most, but not all, of 802.11i in order to be able to communicate with older wireless devices that might still
need an update through their firmware in order to be compliant.
B: HTTPS is not a protocol for wireless communication. HTTPS is a communications protocol for secure communication over a computer network, with especially wide deployment on
the Internet.
C: In 2003 the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA). WEP does include support for TLS.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 75, 171, 172-173, 274