CompTIA Security+ (SY0-501) — Question 598

A systems engineer is configuring a wireless network. The network must not require installation of third-party software. Mutual authentication of the client and the server must be used. The company has an internal PKI. Which of the following configurations should the engineer choose?

Answer options

• A. EAP-TLS
• B. EAP-TTLS
• C. EAP-FAST
• D. EAP-MD5
• E. PEAP

Correct answer: A

Explanation

EAP-TLS is the correct choice as it provides mutual authentication and leverages the existing PKI without needing third-party software. Other options like EAP-TTLS and PEAP also support mutual authentication but may involve additional complexities or dependencies on external components. EAP-FAST and EAP-MD5 do not meet the requirement for mutual authentication, making them unsuitable options.