Matt, a systems security engineer, is determining which credential-type authentication to use
within a planned 802.1x deployment. He is looking for a method that does not require a client
certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential
type authentication method BEST fits these requirements?

A.
EAP-TLS

B.
EAP-FAST

C.
PEAP-CHAP

D.
PEAP-MSCHAPv2

Explanation:
PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS or PEAP-TLS because user authentication
is accomplished via password-base credentials (user name and password) rather than digital
certificates or smart cards. Only servers running Network Policy Server (NPS) or PEAP-MS-CHAP
v2 are required to have a certificate.