NSE 7 – Network Security Architect — Question 31

When does a RADIUS server send an Access-Challenge packet?

Answer options

• A. The server does not have the user credentials yet.
• B. The server requires more information from the user, such as the token code for two-factor authentication.
• C. The user credentials are wrong.
• D. The user account is not found in the server.

Correct answer: B

Explanation

The correct answer is B because an Access-Challenge packet is sent when the server requires more information to authenticate the user, such as a token code for two-factor authentication. Option A is incorrect as the server has already received some credentials; option C is not applicable since the Access-Challenge is not sent due to incorrect credentials; and option D is wrong because an Access-Challenge isn't sent if the user account is not found.