CompTIA Security+ (SY0-501) — Question 530

A security administrator is configuring a RADIUS server for wireless authentication. The configuration must ensure client credentials are encrypted end-to-end between the client and the authenticator.
Which of the following protocols should be configured on the RADIUS server? (Choose two.)

Answer options

• A. PAP
• B. MSCHAP
• C. PEAP
• D. NTLM
• E. SAML

Correct answer: B, C

Explanation

The correct answers are MSCHAP and PEAP because both protocols provide encryption for client credentials during the authentication process. PAP does not encrypt credentials, making it less secure, while NTLM and SAML are not specifically designed for RADIUS authentication in this context.