Kerberos is the preferred authentication method in an Active Directory environment as it uses time-sensitive tickets that are encrypted and help to prevent replay attacks. The use of tickets ensures that the user's credentials are not repeatedly passed over the network during the ticket's lifetime, which provides a secure way to access network resources. 'RADIUS' is primarily used for remote network access rather than internal authentication. 'TACACS+' is another authentication method but is usually associated with Cisco network devices, not Active Directory environments. Lastly, 'NTLM' is a legacy authentication protocol considered less secure compared to Kerberos in Windows domains due to its lack of mutual authentication and weaker encryption.