- A
Enable WEP on the main router and set a complex 128-bit key.
Why wrong: Incorrect. Using WEP for the entire network exposes all traffic to known attacks; it should not be used for sensitive data.
- B
Replace the printers with modern ones that support WPA2.
Why wrong: Incorrect. While ideal, replacing printers may not be immediately feasible; a VLAN solution is more practical.
- C
Create a separate VLAN for the printers using WEP and a strong passphrase, and keep the main network on WPA2.
Correct. This isolates the insecure WEP traffic to the printer VLAN, protecting the main network and sensitive data.
- D
Set the router to mixed mode (WEP + WPA2) and use a single SSID.
Why wrong: Incorrect. Mixed mode forces all devices to use the lowest common denominator, degrading security for the entire network.
Quick Answer
The answer is to create a separate VLAN for the legacy WEP devices while keeping the main network on WPA2. This is correct because WEP is a deprecated, severely flawed encryption protocol that can be cracked in minutes, but VLAN isolation contains that vulnerability to a segmented subnet, preventing attackers from pivoting to sensitive data on the primary network. On the CompTIA A+ Core 2 220-1202 exam, this scenario tests your understanding of network segmentation as a compensating control—a common trap is thinking you must upgrade the printers or disable WEP entirely, but the exam expects you to balance functionality with security by isolating the legacy device WEP traffic. Remember the memory tip: “Isolate the old, secure the new”—the VLAN acts as a quarantine zone, so even if WEP is broken, the main WPA2 network remains untouched.
220-1202 Wireless Security Protocols Practice Question
This 220-1202 practice question tests your understanding of wireless security protocols. Read the scenario carefully and evaluate each option against the stated constraints before committing to an answer. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.
A technician is setting up a wireless network for a small office that handles sensitive client data. The office has a mix of modern laptops and a few legacy printers that only support WEP. What should the technician do to maintain security while keeping the printers functional?
Answer choices
Why each option matters
Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.
Correct answer & explanation
Create a separate VLAN for the printers using WEP and a strong passphrase, and keep the main network on WPA2.
WEP is deprecated due to severe vulnerabilities. The best practice is to isolate legacy devices on a separate VLAN with WEP and use a strong passphrase, while the main network uses WPA2 or WPA3. This limits exposure of sensitive data.
Key principle: A trunk being up does not mean the VLAN is allowed across it. Always verify the allowed VLAN list and whether the VLAN exists on both switches.
Answer analysis
Option-by-option breakdown
For each option: why learners choose it and why it is or isn't the right answer here.
- ✗
Enable WEP on the main router and set a complex 128-bit key.
Why it's wrong here
Incorrect. Using WEP for the entire network exposes all traffic to known attacks; it should not be used for sensitive data.
- ✗
Replace the printers with modern ones that support WPA2.
Why it's wrong here
Incorrect. While ideal, replacing printers may not be immediately feasible; a VLAN solution is more practical.
- ✓
Create a separate VLAN for the printers using WEP and a strong passphrase, and keep the main network on WPA2.
- ✗
Set the router to mixed mode (WEP + WPA2) and use a single SSID.
Why it's wrong here
Incorrect. Mixed mode forces all devices to use the lowest common denominator, degrading security for the entire network.
Common exam traps
Common exam trap: an active trunk can still block the VLAN you need
A trunk being up does not prove every VLAN is crossing it. Check allowed VLAN lists, native VLAN mismatch, VLAN existence and access-port assignment.
Detailed technical explanation
How to think about this question
VLAN questions usually combine access-port and trunking clues. The key is to identify whether the issue is local to one switchport, caused by the trunk, or caused by the VLAN not existing where it needs to exist.
KKey Concepts to Remember
- Access ports place end devices into a single VLAN.
- Trunk ports carry multiple VLANs between switches.
- Allowed VLAN lists decide which VLANs can cross a trunk.
- Native VLAN mismatch can create confusing symptoms.
TExam Day Tips
- Use show vlan brief to verify access VLANs.
- Use show interfaces trunk to verify trunk state and allowed VLANs.
- Do not treat every same-VLAN issue as a routing problem.
Key takeaway
A trunk being up does not mean the VLAN is allowed across it. Always verify the allowed VLAN list and whether the VLAN exists on both switches.
Real-world example
How this comes up in practice
A help-desk technician troubleshoots why a newly connected PC cannot reach shared printers on the same floor. The cable is good, the switch port is active, but the PC is in VLAN 20 and the printers are in VLAN 10. The uplink trunk only allows VLAN 10. A trunk being up does not mean every VLAN crosses it.
What to study next
Got this wrong? Here's your next step.
Review VLAN allowed lists, native VLAN mismatch detection, and how to verify VLAN membership with show vlan brief and show interfaces trunk. Then practise related 220-1202 questions on switching, trunking, and access-port configuration.
- →
Wireless Security Protocols — study guide chapter
Learn the concepts, then practise the questions
- →
Wireless Security Protocols practice questions
Targeted practice on this topic area only
- →
All 220-1202 questions
750 questions across all exam domains
- →
CompTIA A+ Core 2 220-1202 study guide
Full concept coverage aligned to exam objectives
- →
220-1202 practice test guide
How to use practice tests most effectively before exam day
Related practice questions
Related 220-1202 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
Windows OS Features and Tools practice questions
Practise 220-1202 questions linked to Windows OS Features and Tools.
Windows Settings and Control Panel practice questions
Practise 220-1202 questions linked to Windows Settings and Control Panel.
Windows Command-Line Tools practice questions
Practise 220-1202 questions linked to Windows Command-Line Tools.
Windows Administrative Tools practice questions
Practise 220-1202 questions linked to Windows Administrative Tools.
macOS Features and Tools practice questions
Practise 220-1202 questions linked to macOS Features and Tools.
Linux Commands and File Permissions practice questions
Practise 220-1202 questions linked to Linux Commands and File Permissions.
Mobile OS Features and Tools practice questions
Practise 220-1202 questions linked to Mobile OS Features and Tools.
Virtualization and Cloud Technologies practice questions
Practise 220-1202 questions linked to Virtualization and Cloud Technologies.
Physical Security Controls practice questions
Practise 220-1202 questions linked to Physical Security Controls.
Logical Security Concepts practice questions
Practise 220-1202 questions linked to Logical Security Concepts.
Wireless Security Protocols practice questions
Practise 220-1202 questions linked to Wireless Security Protocols.
Malware Types and Removal practice questions
Practise 220-1202 questions linked to Malware Types and Removal.
Practice this exam
Start a free 220-1202 practice session
Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.
FAQ
Questions learners often ask
What does this 220-1202 question test?
Wireless Security Protocols — This question tests Wireless Security Protocols — Access ports place end devices into a single VLAN..
What is the correct answer to this question?
The correct answer is: Create a separate VLAN for the printers using WEP and a strong passphrase, and keep the main network on WPA2. — WEP is deprecated due to severe vulnerabilities. The best practice is to isolate legacy devices on a separate VLAN with WEP and use a strong passphrase, while the main network uses WPA2 or WPA3. This limits exposure of sensitive data.
What should I do if I get this 220-1202 question wrong?
Review VLAN allowed lists, native VLAN mismatch detection, and how to verify VLAN membership with show vlan brief and show interfaces trunk. Then practise related 220-1202 questions on switching, trunking, and access-port configuration.
What is the key concept behind this question?
Access ports place end devices into a single VLAN.
About these practice questions
Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →
Last reviewed: Jun 19, 2026
This 220-1202 practice question is part of Courseiva's free CompTIA certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the 220-1202 exam.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.