CompTIA Security+ (SY0-501) — Question 15

A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and passwords. Which of the following authentication protocols MUST the security engineer select?

Answer options

• A. EAP-FAST
• B. EAP-TLS
• C. PEAP
• D. EAP

Correct answer: C

Explanation

PEAP is the correct choice because it supports mutual authentication and allows for the use of usernames and passwords. EAP-FAST and EAP-TLS do not provide the same combination of features, as EAP-FAST is primarily focused on fast re-authentication, and EAP-TLS requires client certificates, making it unsuitable for username/password authentication.