EAP Method for Network Device Admission Control Authentication

A.

Cisco TrustSec is a security solution that helps to provide secure access to network resources. Network Device Admission Control (NDAC) is one of the components of Cisco TrustSec that provides authentication for network devices.

When a network device attempts to connect to the network, NDAC verifies the device's identity and ensures that the device meets the security policy requirements before allowing access to the network. NDAC uses the Extensible Authentication Protocol (EAP) for authentication.

Out of the options given, the correct answer for the EAP method used for NDAC authentication is A. EAP-FAST.

EAP-FAST (Flexible Authentication via Secure Tunneling) is an EAP method that provides fast and secure authentication. It uses a TLS tunnel to protect the authentication process and can be used with a variety of user credentials, such as usernames and passwords, smart cards, and certificates. EAP-FAST does not require a pre-installed client certificate, which makes it easy to deploy and use.

EAP-TLS (Transport Layer Security) is an EAP method that uses digital certificates for authentication. It provides mutual authentication between the client and server, which means that both parties verify each other's identities. EAP-TLS is more secure than other EAP methods, but it requires more setup and configuration.

Protected Extensible Authentication Protocol (PEAP) is an EAP method that also uses TLS to protect the authentication process. It provides mutual authentication between the client and server and can be used with a variety of user credentials. PEAP is commonly used in wireless networks.

LEAP (Lightweight Extensible Authentication Protocol) is an older EAP method that uses usernames and passwords for authentication. It is no longer recommended for use due to security vulnerabilities.

In summary, the correct answer is A. EAP-FAST, which is used for NDAC authentication in Cisco TrustSec.