A wireless network has the following design requirements: -> Authentication must not be dependent on enterprise directory service -> It must allow background reconnection for mobile users -> It must not depend on user certificates Which of the following should be used in the design to meet the requirements? (Choose two.)
Click on the arrows to vote for the correct answer
A. B. C. D. E.BE.
The design requirements state that the wireless network must not be dependent on the enterprise directory service for authentication, must allow background reconnection for mobile users, and must not depend on user certificates.
PEAP (Protected Extensible Authentication Protocol) is a secure authentication protocol that requires a certificate to be installed on the server, making it dependent on user certificates. Therefore, it does not meet the requirements of the design.
PSK (Pre-Shared Key) is a simple and easy-to-configure authentication method that uses a shared key to authenticate users. It meets the requirement of not being dependent on user certificates and can allow for background reconnection for mobile users. However, it may not be the best option for larger organizations or for networks with a high number of users, as the shared key must be distributed securely to all authorized users.
Open systems authentication is a non-secure authentication method that does not meet the security requirements of the wireless network.
EAP-TLS (Extensible Authentication Protocol-Transport Layer Security) is a secure authentication method that uses digital certificates to authenticate both the client and the server. It meets the requirement of not being dependent on the enterprise directory service for authentication and does not depend on user certificates. However, it may not allow for background reconnection for mobile users.
Captive portals require users to authenticate themselves through a web page before being granted access to the wireless network. This method may meet the requirement of not being dependent on the enterprise directory service for authentication, but it may not allow for background reconnection for mobile users and may not be the best option for larger organizations or for networks with a high number of users.
Based on the design requirements, the two best options to use in the design to meet the requirements are PSK and EAP-TLS. PSK can allow for background reconnection for mobile users and does not depend on user certificates, while EAP-TLS does not depend on the enterprise directory service for authentication and does not depend on user certificates.