CompTIA Security Plus Mock Test Q1024

The IT department has installed new wireless access points but discovers that the signal extends far into the parking lot. Which of the following actions should be taken to correct this?

A. Disable the SSID broadcasting
B. Configure the access points so that MAC filtering is not used
C. Implement WEP encryption on the access points
D. Lower the power for office coverage only

Correct Answer: D
Section: Cryptography

On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided.

Incorrect Answers:
A: Disabling SSID broadcasting is not the best solution.
One method of protecting the network that is often recommended is to disable, or turn off, the SSID broadcast (also known as cloaking). The access point is still there, and it is still
accessible by those who have been told of its existence by the administrator, but it prevents those who are just scanning from finding it. This is considered a very weak form of security,
because there are still other ways, albeit a bit more complicated, to discover the presence of the access point besides the SSID broadcast.
B: Disabling MAC filtering would lower the network security.
If MAC filtering is turned off, any wireless client that knows the values looked for (MAC addresses) can join the network. When MAC filtering is used, the administrator compiles a list of
the MAC addresses associated with users’ computers and enters those addresses. When a client attempts to connect and other values have been correctly entered, an additional
check of the MAC address is done. If the address appears in the list, the client is allowed to join; otherwise, it is forbidden from doing so.
C: WEP encryption is weak and has many vulnerabilities.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 171, 178, 183, 258