What provides authentication using public key infrastructure and a digital certificate installed on both client and server?

The correct answer is EAP-TLS, which stands for Extensible Authentication Protocol - Transport Layer Security. This method utilizes Public Key Infrastructure (PKI) to provide strong authentication through the use of digital certificates installed on both the client and server.

In EAP-TLS, during the authentication process, both the client and the server present their respective digital certificates to each other. This exchange ensures mutual authentication, which enhances security by confirming the identity of both parties before establishing a secure connection. The reliance on digital certificates, which are signed by a trusted Certificate Authority (CA), ensures that only legitimate clients and servers can successfully authenticate.

EAP-TLS is recognized for its robustness and is widely used in environments where security is a critical concern, such as enterprise networks. The requirement for both parties to possess certificates adds an additional layer of security, making it harder for unauthorized individuals to gain access.

Other options like EAP-TTLS and Diameter do not use this specific method of authentication. EAP-TTLS does not require a client certificate for authentication, while Diameter is a protocol for authentication and accounting but does not inherently provide a mechanism for mutual authentication through public key infrastructure. EAP-FLEXIBLE, while it could suggest some adaptiveness in authentication methods,