Networking with Windows Server 2016 — Question 28

Your network contains an Active Directory domain. The domain contains a certification authority (CA) and a Network Policy Server (NPS) server.
You plan to deploy Remote Access Always On VPN.
Which authentication method should you use?

Answer options

• A. Microsoft: EAP-TTLS
• B. Microsoft: Secured password
• C. Microsoft: Protected EAP
• D. Microsoft: EAP-AKA

Correct answer: C

Explanation

The correct answer is C, Microsoft: Protected EAP, as it provides strong security features suitable for VPN connections. Options A and D, while valid EAP methods, do not offer the same level of security for Always On VPN, and option B lacks the necessary encryption and security protocols.