EAPFASTv2 implemented a requirement to support which of the following cryptographic protocols? (Select the best answer.)
- TLS 1.0
- TLS 1.1
- TLS 1.2
- TLS 1.3
Extensible Authentication ProtocolFlexible Authentication via Secure Tunneling Version 2 (EAPFASTv2) implemented a requirement to support Transport Layer Security (TLS) 1.2. EAPFAST is an authentication protocol that can be used for pointtopoint connections and for both wired and wireless links. EAPFAST Version 1 (EAPFASTv1) supported TLS 1.0 and higher. However, EAPFASTv2 made support of TLS 1.2 a requirement, thereby providing EAPFASTv2 with a stronger encryption algorithm than EAPFASTv1.
The EAPFAST authentication process consists of three phases. The first phase, which is optional and is considered phase 0, consists of provisioning a client with a Protected Access Credential (PAC), which is a digital credential that is used for authentication. A PAC can be manually configured on a client, in which case phase 0 is not required. The second phase, which is referred to as phase 1, involves creating a secure tunnel between the client and the server. The final phase, which is referred to as phase 2, involves authenticating the client. If the client is authenticated, the client will be able to access the network.
Neither EAPFASTv1 nor EAPFASTv2 is specifically required to support TLS 1.3. TLS 1.3 is a working draft that is based on TLS 1.2. Some of the proposed changes to TLS in TLS 1.3 include the removal of support for Elliptic Curve Cryptography (ECC), Message Digest 5 (MD5), and Secure Hash Algorithm 224 (SHA224).