PdfPrep.com

An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following controls should be implemented to mitigate the attack in the future?

An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following controls should be implemented to mitigate the attack in the future?
A . Use PAP for secondary authentication on each RADIUS server
B . Disable unused EAP methods on each RADIUS server
C . Enforce TLS connections between RADIUS servers
D . Use a shared secret for each pair of RADIUS servers

Answer: C

Exit mobile version