Exam 220-1102 topic 1 question 508 discussion

Captive Portal would cover any device with a web browser.

Why not the others? A. Local certificates These require certificate management and are better suited for corporate-owned devices, not personal BYOD devices. B. TACACS+ ➤ Primarily used for device administration (e.g., routers/switches) — not for authenticating Wi-Fi clients. C. RADIUS While RADIUS is a backend protocol used to authenticate Wi-Fi users, it’s more appropriate in managed enterprise environments with pre-configured devices — not ideal alone for BYOD unless paired with something like a captive portal.

C. RADIUS RADIUS (Remote Authentication Dial-In User Service) is a network protocol that provides centralized authentication, authorization, and accounting (AAA) services. It is well-suited for BYOD environments as it can be used to authenticate devices and users, enforce security policies, and track usage.   By using RADIUS, organizations can ensure that only authorized devices can access the wireless network and that appropriate security measures are in place. Google Gemini

Captive portals are typically for things like hotel guest WiFi connections. It's likely you would be authenticating to a RADIUS server in a corporate environment.

C. Centralize authentication for users on a wide variety of platforms and devices

Associate with Byod

For BYOD (Bring Your Own Device) scenarios, where various types of devices may connect to the network, a captive portal authentication method is commonly used. A captive portal requires users to authenticate or agree to terms and conditions before accessing the network. This method is suitable for allowing guest access or BYOD devices without the need for complex authentication systems like TACACS+ or RADIUS, or the need for managing local certificates.

D. lacks the flexibility and security offered by RADIUS authentication. Not sure.

The answer is RADIUS

BYOD uses CAPTIVE PORTALS