New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CWNP CWSP-208 Exam - Topic 1 Question 4 Discussion

Actual exam question for CWNP's CWSP-208 exam
Question #: 4
Topic #: 1
[All CWSP-208 Questions]

Given: ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems. While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations.

As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication? (Choose 2)

Show Suggested Answer Hide Answer
Suggested Answer: B, D

by Oliva at Jul 08, 2025, 12:24 PM

Limited Time Offer

25%

Off

Get Premium CWSP-208 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Kris
2 months ago
MS-CHAPv2 isn't compliant with WPA2-Enterprise, just a heads up!
upvoted 0 times
...
Louis
2 months ago
Using it inside a TLS tunnel could help, but still risky.
upvoted 0 times
...
Chanel
2 months ago
Totally agree, it's not the best choice for security.
upvoted 0 times
...
Paulina
3 months ago
MS-CHAPv2 is definitely vulnerable to offline dictionary attacks.
upvoted 0 times
...
Felice
3 months ago
Wait, does anyone really think MS-CHAPv2 is secure?
upvoted 0 times
...
Melodie
3 months ago
I vaguely recall that using MS-CHAPv2 inside a TLS-encrypted tunnel could make it more secure, but I’m not confident about that.
upvoted 0 times
...
Belen
3 months ago
I practiced a question about LEAP and WEP, and I think it mentioned that LEAP's security relies heavily on WEP, which isn't great.
upvoted 0 times
...
Stevie
4 months ago
I’m not entirely sure, but I think MS-CHAPv2 is compliant with WPA-Personal but not WPA2-Enterprise. That seems important for their WLAN.
upvoted 0 times
...
Dottie
4 months ago
I remember reading that MS-CHAPv2 can be vulnerable to offline dictionary attacks, so I think that's a concern we should address.
upvoted 0 times
...
Glen
4 months ago
The key here is that MS-CHAPv2 has known vulnerabilities, even if it meets the minimum security requirements. I'd recommend using a more secure authentication method if possible.
upvoted 0 times
...
Rodrigo
4 months ago
Wait, I thought MS-CHAPv2 was compliant with WPA2-Enterprise. I'm not sure about the WPA-Personal part. I'll have to double-check that.
upvoted 0 times
...
Hyun
4 months ago
Okay, I remember learning that MS-CHAPv2 should only be used within a TLS-encrypted tunnel for WLAN security. That seems like the most secure approach.
upvoted 0 times
...
Charlene
5 months ago
Hmm, I'm a bit confused about the LEAP part. I know LEAP uses MS-CHAPv2, but I'm not sure if it's only secure with WEP. I'll have to think about that one.
upvoted 0 times
...
Celeste
5 months ago
I'm pretty confident about this one. MS-CHAPv2 is definitely vulnerable to offline dictionary attacks, so that's an easy choice.
upvoted 0 times
...
Ben
7 months ago
F) When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure. Sounds like a plan to me, as long as we don't forget to throw in some pixie dust and unicorn tears for good measure.
upvoted 0 times
...
Val
7 months ago
I can't believe they're still using PPTP VPNs. That's like using a cardboard box to protect your valuables!
upvoted 0 times
...
Jovita
8 months ago
D) MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel. This helps mitigate the security risks associated with MS-CHAPv2.
upvoted 0 times
...
Hubert
8 months ago
B) MS-CHAPv2 is subject to offline dictionary attacks. This is a well-known vulnerability that makes it a poor choice for secure authentication.
upvoted 0 times
Lashawn
7 months ago
D) MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.
upvoted 0 times
...
Aleisha
7 months ago
B) MS-CHAPv2 is subject to offline dictionary attacks.
upvoted 0 times
...
Audra
7 months ago
A) MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.
upvoted 0 times
...
...
Joesph
8 months ago
I'm not sure about option E, MS-CHAPv2 uses AES authentication, and is therefore secure. Can someone explain this further?
upvoted 0 times
...
Torie
8 months ago
I agree with Samira, but we should also consider option D, MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.
upvoted 0 times
...
Samira
8 months ago
I think we should go with option B, MS-CHAPv2 is subject to offline dictionary attacks.
upvoted 0 times
...

Save Cancel