CompTIA Security+ (SY0-501) — Question 551

A company wants to implement a wireless network with the following requirements:
✑ All wireless users will have a unique credential.
✑ User certificates will not be required for authentication.
✑ The company's AAA infrastructure must be utilized.
✑ Local hosts should not store authentication tokens.
Which of the following should be used in the design to meet the requirements?

Answer options

• A. EAP-TLS
• B. WPS
• C. PSK
• D. PEAP

Correct answer: D

Explanation

PEAP (Protected Extensible Authentication Protocol) is suitable as it allows for secure authentication without requiring user certificates and utilizes existing AAA infrastructure. EAP-TLS requires certificates for authentication, which contradicts the requirement. WPS (Wi-Fi Protected Setup) is not focused on user credentials, and PSK (Pre-Shared Key) does not provide unique credentials for each user, making them inappropriate choices.