
You are implementing a wireless network that requires user authentication to connect to the access point. Which of the following best supports forwarding authentication requests from the authenticator to the authentication server? (Wentz QOTD)
A. 802.1X
B. VXLAN
C. EAP
D. RADIUS
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. RADIUS.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

802.1X
802.1X is also known as EAP over LAN (EAPoL), which requires supplicants (hosts) to authenticate to the authenticator (switches or APs) before they are connected to the network. The authenticator server is the server that hosts the directory as the identity provider.
RADIUS
802.1X authenticators typically don’t implement a directory to authenticate supplicants. Instead, they rely on external authentication servers through the RADIUS protocol.

Extensible Authentication Protocol (EAP)
Extensible Authentication Protocol (EAP) is an authentication framework based on which vendors can develop authentication protocols. EAP-based authentication protocols typically have the prefix EAP-, e.g., EAP-TLS.




Reference
您正在實施需要用戶身份驗證才能連接到AP的無線網絡。 以下哪項最支持將身份驗證請求從驗證者(authenticator)轉發到驗證服務器? (Wentz QOTD)
A. 802.1X
B. VXLAN
C. EAP
D. RADIUS