CompTIA Security+ (SY0-501) — Question 776

A security analyst is hardening a large-scale wireless network. The primary requirements are the following:
✑ Must use authentication through EAP-TLS certificates
✑ Must use an AAA server
✑ Must use the most secure encryption protocol
Given these requirements, which of the following should the analyst implement and recommend? (Choose two.)

Answer options

• A. 802.1X
• B. 802.3
• C. LDAP
• D. TKIP
• E. CCMP
• F. WPA2-PSK

Correct answer: A, F

Explanation

The correct choices are A (802.1X) and F (WPA2-PSK) because 802.1X is a network access control protocol that supports EAP-TLS for authentication and is compatible with AAA servers. WPA2-PSK is not as secure as WPA2-Enterprise using EAP-TLS, but it is commonly used in smaller networks. The other options (B, C, D, E) do not meet all specified requirements for secure authentication and encryption.