Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 28

Which Captive Portal mode must be configured to support MFA authentication?

Answer options

• A. NTLM
• B. Redirect
• C. Single Sign-On
• D. Transparent

Correct answer: B

Explanation

The Redirect mode is necessary for Multi-Factor Authentication (MFA) because it allows users to be redirected to an external authentication server that can handle the MFA process. The other options, such as NTLM and Single Sign-On, do not facilitate the necessary redirection required for MFA, while Transparent mode does not require user interaction for authentication.