A small business wants to set up a wireless network. Which of the following is the BEST security method to use?
WPA2 provides strong encryption.
Why this answer
WPA2 (Wi-Fi Protected Access 2) is the best security method among the options because it uses AES (Advanced Encryption Standard) with CCMP (Counter Mode CBC-MAC Protocol), providing strong encryption and integrity protection. WEP is outdated and easily cracked, while MAC filtering and disabling SSID broadcast are not encryption methods and offer minimal security against determined attackers.
Exam trap
The trap here is that candidates often confuse security features like MAC filtering or hiding the SSID with actual encryption, thinking they provide strong protection, when in fact they are easily bypassed and do not secure the data in transit.
How to eliminate wrong answers
Option A is wrong because WEP (Wired Equivalent Privacy) uses the flawed RC4 cipher with a static 40- or 104-bit key, making it vulnerable to cracking in minutes with tools like aircrack-ng. Option C is wrong because MAC address filtering only checks the hardware address of the network interface, which can be easily spoofed by an attacker using tools like macchanger, and it does not encrypt traffic. Option D is wrong because disabling SSID broadcast only hides the network name from beacon frames, but the SSID is still transmitted in probe requests and responses, and can be discovered with passive sniffing tools like Kismet.