Which of the following is a weak implementation of EAP?
A. EAP-FAST
B. LEAP
C. PEAP
D. EAP-TLS
Solution
Ans. B
------------------------------------------------------------------------------------------------------------------------------------------------------
--> LEAP offers mutual authentication instead of one-way authentication between the supplicant and the AS.
--> This eliminates MITM attacks by rogue APs.
--> It is vulnerable to dictionary attacks, because it mainly relies on MS-CHAPv2.
--> Theoretically, LEAP is secure if complex enough passwords are used.
--> By complex enough, we mean that it is computationally infeasible to attempt an offline dictionary or brute-force attack.
--> An attacker can now crack the majority of enterprise WLANs running LEAP in a few minutes without any detection, since the attack is passive and offline.
--> A dictionary attack on LEAP is likely to occur, the impact is high, and the risk is critical. Considering this risk, Cisco recommends that users move to other EAP methods, such as EAP-FAST, EAP-TLS or EAP-PEAP, to mitigate the dictionary attack.
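
Before migrating, it helps to know where LEAP is still being negotiated. The following is an added example, not part of the original answer: a small audit helper that parses raw EAP packets and reports whether LEAP appears as the method in use or as a method a client asks for in a Nak. It assumes the EAP payloads have already been extracted from captured EAPOL or RADIUS traffic; the method numbers are those of the IANA EAP registry, and the function names are hypothetical.

```python
import struct

# EAP method type numbers as assigned in the IANA EAP registry.
EAP_METHODS = {13: "EAP-TLS", 17: "LEAP", 25: "PEAP", 43: "EAP-FAST"}
WEAK_METHODS = {"LEAP"}            # the method this page identifies as weak
EAP_REQUEST, EAP_RESPONSE = 1, 2   # codes 3/4 are Success/Failure
EAP_TYPE_NAK = 3                   # Legacy Nak: peer lists methods it wants


def parse_eap(packet: bytes):
    """Return (code, identifier, eap_type, type_data) for one EAP packet.

    eap_type is None for Success/Failure, which carry no Type field.
    Raises ValueError on truncated or inconsistent packets.
    """
    if len(packet) < 4:
        raise ValueError("EAP header is 4 bytes")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("bad EAP length field")
    if code not in (EAP_REQUEST, EAP_RESPONSE):
        return code, ident, None, b""
    if length < 5:
        raise ValueError("Request/Response without a Type byte")
    return code, ident, packet[4], packet[5:length]


def audit(packets):
    """Return the sorted names of weak methods seen in the given packets."""
    seen = set()
    for raw in packets:
        try:
            code, _, eap_type, data = parse_eap(raw)
        except ValueError:
            continue  # skip malformed frames rather than abort the audit
        # In a Nak the data bytes are the proposed methods; otherwise the
        # Type byte itself names the method.
        is_nak = code == EAP_RESPONSE and eap_type == EAP_TYPE_NAK
        types = list(data) if is_nak else [eap_type]
        seen.update(EAP_METHODS.get(t) for t in types)
    return sorted(seen & WEAK_METHODS)


# Constructed sample packets (not captured traffic).
SAMPLE = [bytes.fromhex("010100061101"),   # Request, Type 17 (LEAP)
          bytes.fromhex("03030004")]       # Success
if __name__ == "__main__":
    print(audit(SAMPLE))
```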
