802.11i was released in 2004. By the time 802.11i was ratified, it had added more support
for 802.1x methods and AES/CCMP for encryption. The Wi-Fi Alliance then released
WPA2 to be compatible with the 802.11i standard.
As mentioned, AES is used for encryption. Advanced Encryption Standard-Cipher
Block Chaining Message Authentication Code Protocol (AES/CCMP) still uses the IV and
MIC, but the IV increases after each block of cipher.
Comparing WPA to WPA2, you can see that
■ WPA mandates TKIP, and AES is optional.
■ WPA2 mandates AES and doesn’t allow TKIP.
■ WPA allows AES in its general form.
■ WPA2 only allows the AES/CCMP variant.
■ With WPA2, key management allows keys to be cached to allow for faster connections.
To configure WPA2, from the WLANs > Edit page, select the WPA2 Policy option. Then
select either AES and TKIP or just AES as the default value, as shown in Figure 17-18.
Then select the authentication key management option; the choices are 802.1x, CCKM,
PSK, and 802.1X+CCKM.
Figure 17-18 Configuring a WPA2 Policy
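The cipher and key management choice described above is what an access point advertises in its RSN information element, so the result can be checked from a captured beacon. The following is an added example, not from the book: it parses two constructed RSN elements and flags a WLAN that still offers TKIP. The suite type numbers come from IEEE 802.11 rather than from this page, and the function names are hypothetical.

```python
import struct

# A suite selector is a 3-byte OUI plus a 1-byte type (IEEE 802.11 values, not from the page).
IEEE_OUI = bytes.fromhex("000fac")
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
AKMS = {1: "802.1X", 2: "PSK"}

# Constructed sample elements: ID 48, length, version, group, pairwise list, AKM list, caps.
AES_ONLY = bytes.fromhex("3014" "0100" "000fac04" "0100" "000fac04" "0100" "000fac02" "0000")
MIXED = bytes.fromhex("3018" "0100" "000fac02" "0200" "000fac04" "000fac02" "0100" "000fac01" "0000")

def _name(sel, names):
    """Map a 4-byte suite selector to a name; vendor or unknown suites are shown as hex."""
    if len(sel) != 4:
        raise ValueError("truncated suite selector")
    if sel[:3] == IEEE_OUI and sel[3] in names:
        return names[sel[3]]
    return "unknown(" + sel.hex() + ")"

def _suites(buf, off, names):
    """Read a little-endian 16-bit count, then that many selectors; return (names, next offset)."""
    (count,) = struct.unpack_from("<H", buf, off)
    end = off + 2 + 4 * count
    return [_name(buf[i:i + 4], names) for i in range(off + 2, end, 4)], end

def parse_rsn(ie):
    """Parse an RSN information element (element ID 48) up to its AKM list."""
    if len(ie) < 2 or ie[0] != 48 or ie[1] != len(ie) - 2:
        raise ValueError("not a well-formed RSN element")
    body = ie[2:]
    try:
        (version,) = struct.unpack_from("<H", body, 0)
        group = _name(body[2:6], CIPHERS)
        pairwise, off = _suites(body, 6, CIPHERS)
        akm, off = _suites(body, off, AKMS)
    except struct.error:
        raise ValueError("truncated RSN element") from None
    return {"version": version, "group": group, "pairwise": pairwise, "akm": akm}

def audit(ie):
    """List deviations from a WPA2 policy that permits AES/CCMP only."""
    rsn = parse_rsn(ie)
    findings = [f"pairwise cipher {c} is also offered" for c in rsn["pairwise"] if c != "CCMP"]
    if "CCMP" not in rsn["pairwise"]:
        findings.append("CCMP is not offered as a pairwise cipher")
    if rsn["group"] != "CCMP":
        findings.append(f"group cipher is {rsn['group']}")
    return findings

if __name__ == "__main__":
    for label, ie in (("AES only", AES_ONLY), ("AES and TKIP", MIXED)):
        print(label, parse_rsn(ie)["akm"], audit(ie) or "ok")
```

A WLAN set to AES and TKIP advertises both pairwise suites and falls back to a TKIP group cipher, which is why the second element produces two findings.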
Exam Preparation Tasks
Review All the Key Topics
Review the most important topics from this chapter, denoted with the Key Topic icon.
Table 17-2 lists these key topics and the page number where each one can be found.
Table 17-2 Key Topics for Chapter 17
Key Topic Item | Description | Page Number
Figure 17-1 | Client MFP in action | 333
Figure 17-2 | Configuring MFP | 333
Paragraph from the section “Pre-shared Key Authentication with Wired Equivalent Privacy” | Steps describing the WEP process | 334
Figure 17-5 | Configuring WEP | 337
Figure 17-12 | The EAP-TLS process | 342
Figure 17-13 | The EAP-FAST process | 344
Figure 17-14 | The PEAP process | 345
Figure 17-15 | The WPA process | 346
Figure 17-18 | Configuring WPA2 policy | 349
Complete the Tables and Lists from Memory
Print a copy of Appendix B, “Memory Tables” (found on the CD) or at least the section
for this chapter, and complete the tables and lists from memory. Appendix C, “Memory
Tables Answer Key,” also on the CD, includes completed tables and lists to check your
work.
Definition of Key Terms
Define the following key terms from this chapter, and check your answers in the glossary:
Management Frame Protection (MFP), Infrastructure MFP, Message Integrity Check
(MIC), Frame Check Sequence (FCS), Client MFP, Initialization Vector (IV), supplicant,
authentication server, authenticator, Extensible Authentication Protocol (EAP), Extensible
Authentication Protocol-Transport Layer Security (EAP-TLS), Extensible Authentication
Protocol-Flexible Authentication via Secure Tunnel (EAP-FAST), Protected EAP (PEAP),
Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2),
Generic Token Card (GTC), Lightweight Extensible Authentication Protocol (LEAP),
Wi-Fi Protected Access (WPA), Wi-Fi Protected Access 2 (WPA2), Temporal Key Integrity
Protocol (TKIP), Advanced Encryption Standard (AES), Pairwise Master Key
(PMK), Pairwise Transient Key (PTK), Group Transient Key (GTK), Message Integrity
Code (MIC), Group Master Key (GMK), Group Temporal Key (GTK)