Exam 200-301 topic 1 question 632 discussion

WPA2 aes is always 128 bit key for both psk and enterprise. The number of characters from passphrase dont have anything to do with the key length. It is not even possible to select the key length. Always 128.

AES-256 is more secure due to the longer key length, WPA2-PSK typically uses AES-128 encryption as standard.

it´s A The wireless encryption type used for WPA2 in preshared key mode is AES-128. WPA2 uses the Advanced Encryption Standard (AES) with a 128-bit key for encryption in this mode.

Thanks for all the posts. Here are my links confirming Option A 1 - he most significant upgrade in WPA2 is that it uses AES-CCMP encryption https://study-ccna.com/wifi-security/ 2- CCMP is 128bit https://en.wikipedia.org/wiki/CCMP_(cryptography)

This is from Boson CourseWare: WPA2, which implements the 802.11i wireless standard, was developed to address the security vulnerabilities in the WPA standard. One enhancement over WPA included in WPA2 is the encryption algorithm. Advanced Encryption System (AES) is a stronger encryption algorithm than the RC4 algorithm used by both WEP and WPA. AES uses a 128-bit block cipher to encrypt data and a security key of 128, 192, or 256 bits.

WPA2 mandates the use of a new protocol, counter mode with cipher-block chaining message authentication protocol (CCMP). CCMP uses the AES block cipher, replacing the RC4 cipher used in wired equivalent privacy (WEP) and temporal key integrity protocol (TKIP). A block cipher processes data in blocks, while a streaming cipher like rivest cipher 4 (RC4) processes data bit by bit, in a serial stream. The encryption method is commonly referred to as CCMP/AES. AES uses a 128-bit key and encrypts data in 128-bit blocks. CCMP/AES uses several enhancements, including temporal keys (TK), packet numbers (PN), nonce [number or bit string used only once], upper layer encryption, and additional authentication data (AAD). LINK: https://www.controleng.com/articles/wireless-security-ieee-802-11-and-ccmp-aes/

A. AES-128

A is correct

A ====> AES-128 is used.

cccccccccccccccccccccccccccc

AES-128 is used.

I agree with AES-128. The shared key may be 256 bits long but the encryption is 128 bits. https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access#:~:text=Each%20wireless%20network%20device%20encrypts,to%2063%20printable%20ASCII%20characters.

this is the same link the website answer used. AES-128bit Black on white https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/67134-wpa2-config.html#:~:text=AES%20Counter%20Mode%20is%20a%20block%20cipher%20that%20encrypts%20128-bit%20blocks%20of%20data%20at%20a%20time%20with%20a%20128-bit%20encryption%20key.

The Answer should be AES-128 bit! cisco says that themselves on their website https://www.cisco.com/assets/sol/sb/isa500_emulator/help/guide/ae1217496.html#:~:text=Encryption%3A%20Choose%20the%20encryption%20type%3A%2064%20bits%20(10%20hex%20digits)%2C%2064%20bits%20(5%20ASCII)%2C%20128%20bits%20(26%20hex%20digits)%2C%20or%20128%20bits%20(13%20ASCII).%20The%20default%20is%2064%20bits%20(10%20hex%20digits).%20The%20larger%20size%20keys%20provide%20stronger%20encryption%2C%20thus%20making%20the%20key%20more%20difficult%20to%20crack.

WPA 2 implements the National Institute of Standards and Technology (NIST)-recommended Advanced Encryption Standard (AES) encryption algorithm with the use of Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). AES Counter Mode is a block cipher that encrypts 128-bit blocks of data at a time with a 128-bit encryption key. The CCMP algorithm produces a message integrity code (MIC) that provides data origin authentication and data integrity for the wireless frame.

WPA2 Support only AES-CCMP (CCNA 200-301 Official Cert Guide, Volume 1 - Page 662). (AES-Counter Mode CBC-MAC Protocol) The encryption algorithm used in the 802.11i security protocol. It uses the AES block cipher, but restricts the key length to 128 bits. So I think its correct A - AS128