When deploying a wireless network that is authenticated using EAP PEAP, which two configurations are required? (Choose two.)
When deploying a wireless network that is authenticated using EAP PEAP, which two configurations are required? (Choose two.)
When deploying a wireless network using EAP PEAP (Protected Extensible Authentication Protocol), the authentication server must be authenticated using an X.509 certificate. This is crucial to establish a secure TLS tunnel between the client and the server. Additionally, PEAP requires the use of WPA2 or WPA3 in Enterprise mode, which provides the necessary security and supports 802.1X authentication. Therefore, the required configurations are an X.509 certificate to authenticate the authentication server and a WPA2 or WPA3 Enterprise wireless network.
B and D
Using PEAP you only need Server cert. you dont need Client cert. and of course WPA2/3 Enterprise.
B and D is correct
Study guide p221 show X.509 is used to authenticate the server - so thats answer B and WPA2 Enterprise is required, so thats answer D
Page 221 on the study guide. slide shows that a cert is used to authenticate the server. And then we have the following text. Using encapsulated EAP methods, the client establishes a TLS session first. At this point, the authentication server uses a digital certificate to authenticate the client.
The study guide is slightly misleading here. That block of text is referring EAP methods more generally. Both PEAP versions supported by fortiOS only require a pki cert to authenticate the server. Microsoft has its own proprietary version of what it calls PEAP (PEAP-EAP-TLS) which requires the installation of a cert on the client, but it is not widely supported and behaves more like the initial iterations of EAP-TLS and not PEAP