WPA2 Enterprise with 802.1x is being used for clients to authenticate to a wireless network through an ACS server. For security reasons, the network engineer wants to ensure only PEAP authentication can be used. The engineer sent instructions to clients on how to configure their supplicants, but users are still in the ACS logs authentication using EAP-FAST.
Which option describes the most efficient way the engineer can ensure these users cannot access the network unless the correct authentication mechanism is configured?
A . Enable AAA override on the SSID, gather the usernames of these users, and disable their RADIUS accounts until they make sure they correctly configured their devices.
B . Enable AAA override on the SSID and configure an access policy in ACS that denies access to the list of MACs that have used EAP-FAS
D . Enable AAA override on the SSID and configure an access policy in ACS that allows access only when the EAP authentication method is PEA
F . Enable AAA override on the SSID and configure an access policy in ACS that puts clients that authenticated using EAP-FAST into a quarantine VLA
Answer: D