CASP+ CAS-003 – Question 149


After a large organization has completed the acquisition of a smaller company, the smaller company must implement new host-based security controls to connect its employees’ devices to the network. Given that the network requires 802.1X EAP-PEAP to identify and authenticate devices, which of the following should the security administrator do to integrate the new employees’ devices into the network securely?

A. Distribute a NAC client and use the client to push the company’s private key to all the new devices.
B. Distribute the device connection policy and a unique public/private key pair to each new employee’s device.
C. Install a self-signed SSL certificate on the company’s RADIUS server and distribute the certificate’s public key to all new client devices.
D. Install an 802.1X supplicant on all new devices and let each device generate a self-signed certificate to use for network access.

Correct Answer: D