CompTIA Security Plus Mock Test Q1025

Joe, the systems administrator, is setting up a wireless network for his team’s laptops only and needs to prevent other employees from accessing it. Which of the following would BEST address this?

A. Disable default SSID broadcasting.
B. Use WPA instead of WEP encryption.
C. Lower the access point’s power settings.
D. Implement MAC filtering on the access point.

Correct Answer: D
Section: Cryptography

Explanation:
If MAC filtering is turned off, any wireless client that knows the values looked for (MAC addresses) can join the network. When MAC filtering is used, the administrator compiles a list of
the MAC addresses associated with users’ computers and enters those addresses. When a client attempts to connect and other values have been correctly entered, an additional
check of the MAC address is done. If the address appears in the list, the client is allowed to join; otherwise, it is forbidden from doing so.

Incorrect Answers:
A: Disabling SSID broadcasting is not the best solution.
One method of protecting the network that is often recommended is to disable, or turn off, the SSID broadcast (also known as cloaking). The access point is still there, and it is still
accessible by those who have been told of its existence by the administrator, but it prevents those who are just scanning from finding it. This is considered a very weak form of security,
because there are still other ways, albeit a bit more complicated, to discover the presence of the access point besides the SSID broadcast.
B: WPA offers better protection than WEP, but is not the best solution here.
C: On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided. However, this
would help here. Employees would still be in the range of the access point.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 171, 178, 183, 258