EAPFASTv2 implemented a requirement to support which of the following cryptographic protocols? (Select the
best answer.)

A.
TLS 1.0

B.
TLS 1.1

C.
TLS 1.2

D.
TLS 1.3

Explanation:
Extensible Authentication ProtocolFlexible Authentication via Secure Tunneling Version 2 (EAPFASTv2)
implemented a requirement to support Transport Layer Security (TLS) 1.2. EAPFAST is an authentication
protocol that can be used for pointtopoint connections and for both wired and wireless links. EAPFAST Version
1 (EAPFASTv1) supported TLS 1.0 and higher. However, EAPFASTv2 made support of TLS 1.2 a requirement,
thereby providing EAPFASTv2 with a stronger encryption algorithm than EAPFASTv1.
The EAPFAST authentication process consists of three phases. The first phase, which is optional and is
considered phase 0, consists of provisioning a client with a Protected Access Credential (PAC), which is a
digital credential that is used for authentication. A PAC can be manually configured on a client, in which case
phase 0 is not required. The second phase, which is referred to as phase 1, involves creating a secure tunnel
between the client and the server. The final phase, which is referred to as phase 2, involves authenticating the
client. If the client is authenticated, the client will be able to access the network.
Neither EAPFASTv1 nor EAPFASTv2 is specifically required to support TLS 1.3. TLS 1.3 is a working draft that
is based on TLS 1.2. Some of the proposed changes to TLS in TLS 1.3 include the removal of support for
Elliptic Curve Cryptography (ECC), Message Digest 5 (MD5), and Secure Hash Algorithm 224 (SHA224).

IETF: Flexible Authentication via Secure Tunnel Extension Authentication Protocol (EAPFAST) Version 2:
1.2. Major Differences from Version 1