I am self-studying for the CWSP and I am confused about this study question...
"When used for wireless security, what is a by-product of an 802.1X/EAP type with mutual authentication?"
answer is "Dynamic encryption key generation" but why is it not "master session key (MSK)"
thanks for any input.
Great question and I can see your confusion.
Think top down. First process is the MSK -- MSK is generated on the authentication server (radius server). It is very high level and one of the first processes. The MSK is used for seeding material for the PMK. But remember 802.1X is authentication, after authentication you THEN have a encryption process (4 way). So, what is the by-prouduct of EAP ? Once EAP is done it means you created PMK keys on both sides. These PMKs can now be used for creating your encryption. So that would be the correct answer.