nerdexam
(ISC)2

CISSP · Question #541

An organization implements a remote access server (RAS), Once users connect to the server, digital certificates are used to authenticate their identity. What type of extensible Authentication protocol

The correct answer is D. Transport layer security (TLS). Transport Layer Security (TLS) is the type of Extensible Authentication Protocol (EAP) that the organization would use during this authentication. EAP is a framework that enables the use of various authentication methods and protocols in wireless and remote access networks. EAP s

Submitted by amina.ke· Mar 5, 2026Communication and Network Security

Question

An organization implements a remote access server (RAS), Once users connect to the server, digital certificates are used to authenticate their identity. What type of extensible Authentication protocol (EAP) would the organization use during this authentication?

Options

  • AMessage Digest 5 (MD5)
  • BSubscriber Identity Module (SIM)
  • CLightweight Extensible Authentication Protocol (EAP)
  • DTransport layer security (TLS)

How the community answered

(34 responses)
  • A
    6% (2)
  • B
    3% (1)
  • C
    3% (1)
  • D
    88% (30)

Explanation

Transport Layer Security (TLS) is the type of Extensible Authentication Protocol (EAP) that the organization would use during this authentication. EAP is a framework that enables the use of various authentication methods and protocols in wireless and remote access networks. EAP supports different types of credentials, such as passwords, tokens, certificates, or biometrics. EAP-TLS is a type of EAP that uses TLS to provide mutual authentication and encryption between the client and the server, using digital certificates. EAP-TLS is considered one of the most secure and robust EAP methods, as it prevents man-in-the-middle, replay, and dictionary attacks, and provides confidentiality, integrity, and non-repudiation for the authentication process.

Topics

#EAP#digital certificates#TLS#authentication protocols

Community Discussion

No community discussion yet for this question.

Full CISSP Practice