Lightweight EAP (LEAP) is best described as which of the following?

• A. A proprietary protocol that only works on Cisco-based devices.
• B. A standard widely used across multiple vendors.
• C. An attestation model built upon XML for SOAP-based web services.
• D. An open standard decentralized protocol for authentication users.

Answer: (C)

Lightweight EAP is a wireless authentication method that was introduced by Cisco as a lightweight extension to the EAP framework. It’s not an open, vendor-agnostic standard; instead, it was designed to work primarily with Cisco access points and devices. LEAP carries credentials within the EAP tunnel, typically encapsulating MS-CHAPv2 inside EAP, which made it convenient for Cisco environments but left it less compatible with non-Cisco hardware. Because it’s a vendor-specific approach rather than a universal standard, it isn’t described as a widely adopted cross-vendor protocol, nor as an XML-based attestation model or a generic open standard for authentication. Over time, LEAP has fallen out of favor due to security weaknesses and is generally replaced by more robust options such as PEAP or EAP-TLS.