A company’s security policy states any remote connections must be validated using two forms of network-based authentication. It also states local administrative accounts should not be used for any remote access. PKI currently is not configured within the network. RSA tokens have been provided to all employees, as well as a mobile application that can be used for 2FA authentication. A new NGFW has been installed within the network to provide security for external connections, and the company has decided to use it for VPN connections as well. Which of the following should be configured? (Choose two.)
A. Certificate-based authentication
B. TACACS+
C. 802.1X
D. RADIUS
E. LDAP
F. Local user database
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
Radius & 802.1x is correct
IT admins can also use JumpCloud’s built-in 2FA service to enforce tighter security on their RADIUS (and VPN) authentication. Of course, enabling 2FA using RADIUS is only one of the many uses of JumpCloud Directory-as-a-Service
Secure LDAP (LDAPS) is a method of implementing LDAP using SSL/TLS encryption protocols to prevent eavesdropping and man-in-the-middle attacks. LDAPS forces both the client and server to establish a secure connection before any transmissions can occur, and if the secure connection is interrupted or dropped, LDAPS closes it. The server implementing LDAPS requires a signed certificate issued by a certificate authority, and the client must accept and install the certificate on their machine.
I would go with C and D. Implementing 802.1X with a radius server would provide secure multifactor authentication. Because E just said LDAP and not secure LDAP or (LDAPS) is why I parted from that one. A is included in 802.1X and B and F don’t make any sense in this situation.
Could RADIUS and 802.1X be configured to keep the admin accounts from remote access?
DE
RADIUS and LDAP