A technician is setting up a new wireless network for a small office. They want to ensure that only company-issued devices can connect, and that data transmitted over the air is encrypted. Which combination of settings should they use?
Trap 1: WPA2 with TKIP encryption and SSID broadcast disabled.
TKIP is outdated and insecure; hiding SSID does not prevent determined attackers from discovering the network.
Trap 2: WEP with 128-bit key and a strong password.
WEP is easily cracked and provides inadequate security regardless of key length.
Trap 3: Open network with a captive portal requiring employee login.
Open networks have no encryption; a captive portal only authenticates users but data is transmitted in plaintext.
- A
WPA2 with TKIP encryption and SSID broadcast disabled.
Why wrong: TKIP is outdated and insecure; hiding SSID does not prevent determined attackers from discovering the network.
- B
WPA3 with AES encryption and MAC address filtering.
WPA3 with AES provides strong encryption, and MAC filtering restricts access to approved devices.
- C
WEP with 128-bit key and a strong password.
Why wrong: WEP is easily cracked and provides inadequate security regardless of key length.
- D
Open network with a captive portal requiring employee login.
Why wrong: Open networks have no encryption; a captive portal only authenticates users but data is transmitted in plaintext.