Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that runs Windows Server 2012 P.2. Server1 has the Network Policy and Access Services server role
installed.
Your company’s security policy requires that certificate-based authentication must be used by some network
services.
You need to identify which Network Policy Server (NPS) authentication methods comply with the security policy.Which two authentication methods should you identify? (Each correct answer presents part of the solution.
Choose two.)
A.
MS-CHAP
B.
PEAP-MS-CHAP v2
C.
Chap
D.
EAP-TLS
E.
MS-CHAP v2
Explanation:
PEAP is similar in design to EAP-TTLS, requiring only a server-side PKI certificate to create a secure TLS
tunnel to protect user authentication, and uses server-side public key certificates to authenticate the server.
When you use EAP with a strong EAP type, such as TLS with smart cards or TLS with certificates, both the
client and the server use certificates to verify their identities to each other.