CompTIA Security+ (SY0-501) — Question 852

An organization would like to set up a more robust network access system. The network administrator suggests the organization move to a certificate-based authentication setup in which a client-side certificate is used while connecting. Which of the following EAP types should be used to meet these criteria?

Answer options

• A. EAP-TLS
• B. EAP-FAST
• C. EAP-MD5
• D. EAP-TTLS

Correct answer: A

Explanation

EAP-TLS is the correct choice because it requires both the client and server to use certificates for authentication, which enhances security. The other options, such as EAP-FAST and EAP-MD5, do not provide the same level of security through certificate-based verification, while EAP-TTLS only requires the server to have a certificate, making it less secure than EAP-TLS.