CCIE Security Exam: EAP Methods Requiring Server-Side Certificate


Question

Which three EAP methods require a server-side certificate? (Choose three.)

Answers

Explanations

A. B. C. D. E.

ABD.

The Extensible Authentication Protocol (EAP) is a framework for various authentication methods, and it requires the use of digital certificates for secure authentication. EAP methods use different types of authentication protocols and encryption methods for securing the communication between the client and the authentication server.

The three EAP methods that require server-side certificates are:

A. PEAP with MS-CHAPv2: Protected Extensible Authentication Protocol (PEAP) is an EAP type that uses a TLS tunnel between the client and the server to protect the authentication process. It supports multiple authentication methods, including Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2). In this method, the client does not need to have a certificate, but the server must have a certificate.

B. EAP-TLS: EAP Transport Layer Security (EAP-TLS) is an EAP method that uses mutual authentication between the client and the server through digital certificates. Both the client and the server must have a certificate issued by a trusted certificate authority (CA).

C. EAP-FAST: EAP-Flexible Authentication via Secure Tunneling (EAP-FAST) is an EAP method that provides mutual authentication through a secure tunnel. It supports different authentication methods, including EAP-TLS, and requires a server-side certificate.

The other two EAP methods, EAP-TTLS and EAP-GTC, do not require a server-side certificate.

D. EAP-TTLS: EAP-Tunneled Transport Layer Security (EAP-TTLS) is an EAP method that uses a TLS tunnel to protect the authentication process. It supports different authentication methods, including MS-CHAPv2. EAP-TTLS requires only a client-side certificate, but the server does not need to have a certificate.

E. EAP-GTC: Extensible Authentication Protocol-Generic Token Card (EAP-GTC) is an EAP method that uses a generic token card to provide authentication. It does not require any certificate, either server-side or client-side.

In summary, the three EAP methods that require a server-side certificate are PEAP with MS-CHAPv2, EAP-TLS, and EAP-FAST.