In which of the following authentication protocols is support for TLS 1.2 specifically required? (Select the best
answer.)

A.
EAPFASTv1

B.
EAPFASTv2

C.
EAPMD5

D.
EAPTLS

E.
EAPPEAP

Explanation:
Of the available choices, only Extensible Authentication ProtocolFlexible Authentication via Secure Tunneling
Version 2 (EAPFASTv2) is specifically required to support Transport Layer Security (TLS) 1.2. EAPFAST is an
authentication protocol that can be used for pointtopoint connections and for both wired and wireless links.
EAPFAST Version 1 (EAPFASTv1) supported TLS 1.0 and higher. However, EAPFASTv2 made support of
TLS 1.2 a requirement, thereby providing EAPFASTv2 with a stronger encryption algorithm than EAPFASTv1.
EAPTransport Layer Security (EAPTLS) does not specifically require support for TLS 1.2, although EAPTLS is
designed to support TLS 1.0 and higher. EAPTLS is an Internet Engineering Task Force (IETF) standard that is
defined in Request for Comments (RFC) 5216.
Protected EAP (PEAP) does not specifically require support for TLS 1.2. PEAP is an open standard developed
by Cisco, Microsoft, and RSA. PEAP and other later variants of EAP, such as EAPTLS, and EAPTunneled TLS
(EAPTTLS), are replacing Lightweight EAP (LEAP). PEAP supports TLS 1.0 and higher.
EAP Message Digest 5 (EAPMD5) does not specifically require support for TLS 1.2. EAPMD5 uses an MD5
hash function to provide security and is therefore considered weak when compared to later methods. EAP is an
IETF standard that was originally defined in RFC 2284. It does not support TLS at all.

IETF: Flexible Authentication via Secure Tunnel Extension Authentication Protocol (EAPFAST) Version 2:
1.2. Major Differences from Version 1