Upgrade to remove ads
Chapter 28 - Key Terms
Get Quizlet's official CCNA - 1 term, 1 practice question, 1 full practice test
Terms in this set (27)
An IEEE standard that defines port-based access control for wired and wireless networks.
authentication server (AS)
An 802.1x entity that authenticates users or clients based on their credentials, as matched against a user database. In a wireless network, a RADIUS server is an AS.
An 802.1x entity that exists as a network device that provides access to the network. In a wireless network, a WLC acts as an authenticator.
Certificate Authority (CA)
A trusted entity that generates and signs digital certificates.
Counter/CBC-MAC Protocol (CCMP)
A wireless security scheme based on 802.11i that uses AES counter mode for encryption and CBC-MAC for data integrity.
EAP-Flexible Authentication by Secure Tunneling (EAP-FAST)
A Cisco authentication method that is based on EAP and uses a PAC as a credential for outer authentication and a TLS tunnel for inner authentication.
EAP Transport Layer Security (EAP-TLS)
An authentication method that uses digital certificates on both the server and the supplicant for mutual authentication. A TLS tunnel is used during client authentication and key exchanges.
802.1x EAP-based authentication requirement for WPA, WPA2, and WPA3.
Extensible Authentication Protocol (EAP)
A standardized authentication framework that is used by a variety of authentication methods.
A key exchange method used in WPA3 that prevents attackers from being able to use a discovered pre-shared key to unencrypt data that has already been transmitted over the air
Galois/Counter Mode Protocol (GCMP)
A strong encryption method used in the WPA3 wireless security model.
Lightweight EAP (LEAP)
A legacy Cisco proprietary wireless security method.
Message Integrity Check (MIC)
A cryptographic value computed from the contents of a data frame and used to detect tampering.
An 802.11 authentication method that requires clients to associate with an AP without providing any credentials at all.
Pre-shared key authentication as applied to WPA, WPA2, and WPA3.
protected access credential (PAC)
Special-purpose data that is used as an authentication credential in EAP-FAST.
Protected EAP (PEAP)
An authentication method that uses a certificate on the AS for outer authentication and a TLS tunnel for inner authentication. Clients can provide their credentials through either MS-CHAPv2 or GTC.
Protected Management Frame (PMF)
A service provided by WPA3 that protects a set of 802.11 robust management and action frames, to prevent spoofing of AP functions.
Public Key Infrastructure (PKI)
An enterprisewide system that generates and revokes digital certificates for client authentication.
An authentication server used with 802.1x to authenticate wireless clients.
Simultaneous Authentication of Equals (SAE)
A strong authentication method used in WPA3 to authenticate wireless clients and APs and to prevent dictionary attacks for discovering pre-shared keys.
An 802.1x entity that exists as software on a client device and serves to request network access.
Temporal Key Integrity Protocol (TKIP)
A wireless security scheme developed before 802.11i that provides a MIC for data integrity, a dynamic method for per-frame WEP encryption keys, and a 48-bit initialization vector. The MIC also includes a time stamp and the sender's MAC address.
Wired Equivalent Privacy (WEP)
An 802.11 authentication and encryption method that requires clients and APs to use a common WEP key.
Wi-Fi Protected Access (WPA)
The first version of a Wi-Fi Alliance standard that requires pre-shared key or 802.1x authentication, TKIP, and dynamic key management; based on parts of the 802.11i amendment before it was ratified.
WPA Version 2 (WPA2)
The second version of a Wi-Fi Alliance standard that requires preshared key or 802.1x authentication, TKIP or CCMP, and dynamic encryption key management; based on the complete 802.11i amendment after its ratification.
WPA Version 3 (WPA3)
The third version of a Wi-Fi Alliance standard introduced in 2018 that requires pre-shared key or 802.1x authentication, GCMP, SAE, and forward secrecy.
THIS SET IS OFTEN IN FOLDERS WITH...
Chapter 10 - Key Terms
Chapter 27 - Key Terms
Chapter 11 - Key Terms
Chapter 12 - Key Terms
OTHER SETS BY THIS CREATOR
Chapter 26 - Key Terms
Chapter 25 - Key Terms
Chapter 24 - Key Terms
Chapter 23 - Key Terms