Wireless Network Authentication Protocols

C.

The authentication protocol that the security engineer must select to support mutual authentication of the wireless client and the authentication server before users provide credentials, as well as support authentication with usernames and passwords, is C. PEAP.

PEAP (Protected Extensible Authentication Protocol) is an authentication protocol that is commonly used in wireless networks. PEAP supports mutual authentication between the client and the authentication server before the user credentials are provided. This means that both the client and the authentication server are authenticated to each other using a digital certificate, ensuring that only legitimate users and devices are allowed to connect to the network.

In addition, PEAP supports the use of usernames and passwords for authentication, which allows users to easily connect to the network using their existing credentials. PEAP achieves this by wrapping the authentication process in a secure encrypted tunnel, which protects the user's credentials from interception and ensures that only authorized users are granted access to the network.

EAP-FAST (Flexible Authentication via Secure Tunneling) is an authentication protocol that is similar to PEAP, but it is primarily used in environments where digital certificates are not available or practical to use. EAP-TLS (Transport Layer Security) is another authentication protocol that provides mutual authentication of the client and server using digital certificates, but it does not support the use of usernames and passwords for authentication. EAP (Extensible Authentication Protocol) is a framework that supports multiple authentication methods, but it does not provide any specific authentication mechanism on its own.

Therefore, based on the requirements described in the question, the most appropriate authentication protocol for the security engineer to select is C. PEAP.