Which of the following is the least reasonable pairing relationship in terms of network access control? (Wentz QOTD)
A. Supplicants and the Authentication Server per 802.1X
B. Network Access Servers and the Authentication Server per RADIUS
C. VPN clients and the Network Access Server per L2TP
D. Wireless devices and the Access Point per PEAP

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Supplicants and the Authentication Server per 802.1X.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.

In 802.1X, supplicants communicate with the authenticator, which forwards authentication messages to the Authentication Server. Supplicants don’t authenticate to the authentication server directly.

Generally speaking, Network Access Servers (NASs) refer to servers providing remote access services, such as dial-up, VPN, etc. A VPN server can be viewed as one type of NAS.

Reference

---

在網絡訪問控制方面，以下哪一項是最不合理的配對關係？ (Wentz QOTD)
A. 根據 802.1X 的請求方(supplicant)和身份驗證服務器(authentication server)
B. 根據 RADIUS 的網絡訪問服務器(network access server)和身份驗證服務器
C. 根據 L2TP 的 VPN 客戶端和網絡訪問服務器
D. 根據 PEAP 的無線設備和接入點(Access Point)